[sslh] A problem with sslh
Yves Rutschle
yves at naryves.com
Sun Jan 19 11:41:53 CET 2014
Hi Ken,
On Sat, Jan 18, 2014 at 06:54:58PM +0800, Tang Kenneth
wrote:
> When I try to set the incoming traffic listen on 80 with
> sslh (as I have a very strict firewall that only allows
> me to go through port 80, even port 443 will not work)
> and try to probe it to http with port 80 or 8080 (I tried
> both), accessing the webpage will produce an error
> of:SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1 Protocol
> mismatch.The apache2 is running perfectly well with a
> configuration listening to localhost:80.
By the looks of it, sslh connects incoming HTTP connections
to the SSH server.
How do you configure sslh? (config file or command line
options)
Also, strict firewalls usually tend to also do proxy on port
80, meaning they actually verify the HTTP flow (e.g. check
outgoing request goes to a Web site that's allowed, check
incoming data contains no virus, and so on). It is not
possible to connect SSH through such a proxy.
To test this: If you set sshd listening to port 80 (without
sslh), do you manage to connect using ssh through your
firewall? If not, sslh won't help you there.
HTH,
Y.
More information about the sslh
mailing list