On Sun, Apr 22, 2007 at 10:02:50PM +0300, Nick Demou wrote:
> On 4/21/07, Karl E. Jorgensen <[EMAIL PROTECTED]> wrote:
> >Despite being security-through-obscurity, it *is* possible to run https
> >and ssh on the same port, via a proxy:
> >    http://sourceforge.net/projects/ssh-ssl-proxy/
> 
> Nice idea. Is it easy to support sshd-httpd on the same port also?

Yes - assuming that the httpd client doesn't use pooling or the like,
which stops the client from "talking" immediately upon connection:
    http://sourceforge.net/docman/display_doc.php?docid=49025&group_id=192637
(have a quick scan through "Theory of Operation").

I did do a write-up on using it with other protocols, but I can't
locate it at the moment :-|

> >[...] at least casual
> >scanners could well see an https server instead of SSH...
> 
> The scanners I'm afraid of are those that will attempt to talk ssh to
> ports 80,443 because the cracker operating them knows that many admins
> might very well have configured an ssh there just to be able to access
> it when behind a restrictive firewall. For those scanners your proxy
> is transparent (as it should be)

Quite correct.

-- 
Karl E. Jorgensen
[EMAIL PROTECTED]  http://www.jorgensen.org.uk/
[EMAIL PROTECTED]     http://karl.jorgensen.com
==== Today's fortune:
Contains no artificial colors or ingredients.
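
Added example, not part of the original message and not code from ssh-ssl-proxy: a sketch of first-bytes demultiplexing as discussed in the thread, under the assumption that the proxy waits briefly for the client to speak and treats silence as an SSH client waiting for the server banner. The function names, timeout and sample payloads are constructed for illustration.

```python
import select
import socket

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ",
                b"OPTIONS ", b"CONNECT ")

def classify(first: bytes) -> str:
    """Map the client's first bytes (b"" = client stayed silent) to a backend."""
    if not first:
        # Assumption: a silent client is an ssh client waiting for the banner.
        # A pooled/pre-connected HTTP client looks identical, hence the caveat.
        return "ssh"
    if first.startswith(b"SSH-"):
        # Client sent its SSH identification string first (e.g. a scanner
        # probing 80/443 for sshd): the proxy passes it straight through.
        return "ssh"
    if len(first) >= 2 and first[0] == 0x16 and first[1] == 0x03:
        return "https"  # TLS handshake record carrying the ClientHello
    if first.startswith(HTTP_METHODS):
        return "http"
    return "unknown"

def sniff(conn: socket.socket, wait: float = 0.5) -> str:
    """Wait up to `wait` seconds, peek at the data without consuming it."""
    readable, _, _ = select.select([conn], [], [], wait)
    first = conn.recv(8, socket.MSG_PEEK) if readable else b""
    return classify(first)

def demo() -> dict:
    """Run constructed sample clients through sniff() over local socket pairs."""
    samples = {
        "browser_tls": b"\x16\x03\x01\x00\xa5\x01\x00\x00\xa1",
        "plain_http": b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n",
        "ssh_speaks_first": b"SSH-2.0-client\r\n",
        "silent_client": b"",
    }
    results = {}
    for name, payload in samples.items():
        client, server = socket.socketpair()
        try:
            if payload:
                client.sendall(payload)
            results[name] = sniff(server, wait=0.2)
        finally:
            client.close()
            server.close()
    return results

if __name__ == "__main__":
    print(demo())
```

Both the silent client and the client that opens with an SSH identification string end up at sshd, so sshd on the shared port still needs its usual hardening and log monitoring.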
