[sslh] Restrictive squid proxy
Nicolai Ehemann
en at enlightened.de
Wed Aug 7 09:36:31 CEST 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
> My sgoal is more complex.
> I've got two boxes: - router - NAS.
>
> NAS is behind the router on the internal LAN.
>
> I want to reach them from my office through a resctrictive HTTP
> proxy on which 3 ports can be used: 22, 80, 443.
>
> On my router running SSH and WEB page for admin (HTTP/ HTTPS). I
> want to connect to SSH and HTTPS from the Net.
>
> On my NAS there are many services. The most importants are: SSH,
> HTTPS (for admin) and HTTP + HTTPS for WEB services.
>
> My goal is: reaching the router and the NAS from the proxy server.
To me, this sounds like sslh is _not_ the ideal solution for your
problem, especially, if it is only you accessing the services and you
can use ssh in any situation. If this is the case, I would suggest to
block all your services on your home boxes from the outside with the
exception of ssh (for security reasons; as embedded devices often have
security issues with their web services). Then, you can connect to
your router via ssh, and use the ssh port forwarding mechanism to
access all your services on different ports.
Feel free to ask for details if you don't know the ssh port forwarding.
Yours, Nico
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
iEYEARECAAYFAlIB+P8ACgkQYm+MkvsfJ5/okwCgpPDeBh35bhzWJRrOpVdJVppi
RtQAniAAKBrVBS2VaaYFt9qLmXaJCeiO
=caAX
-----END PGP SIGNATURE-----
More information about the sslh
mailing list