On Jan 28, 2011, at 9:04 AM, Skye Sweeney wrote: > "Long talk with IT" has happened more than once with the IT staff!. But I > work at a company of 30K people and IT is non yielding. Only RSA tunnels are > allowed and then only into the company. All outgoing ports are blocked > including such things as network time protocol. About the only things that > seems to get out are 80. > > My fall back position is to write a custom program to take a message on port > 80 and then initiate a powerdown, but I would prefer something more capable.
If I were in that situation (and, alas, I have been) I would run an ssh server on port 80, or do some kind of port forwarding. Somehow, in your first note I missed the fact that you were talking about *OUTGOING* connections, which rather changes the game a little. I would say bring up a secondary IP address on the box you want to get to, and run an ssh server on port 80 on that address. Failing that, yes, there are some shell-access-over-http kinds of solutions. http://dag.wieers.com/howto/ssh-http-tunneling/ is one example of how you could persuade mod_proxy to allow ssh connections to be tunneled through the proxy. There's some other similar recipes at http://www.google.com/search?q=ssh+over+http There used to be a wide variety of telnet-via-cgi and ssh-via-cgi and terminal-via-java kinds of things out there, but in a quick search just now, I found none of them. I wonder if they were all finally exposed as the security nightmares we always suspected, and discontinued. I remember several java apps that would run in the browser and give you access to a shell. But it always made me very nervous. If you must, then definitely run it over https. -- Rich Bowen [email protected] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [email protected] " from the digest: [email protected] For additional commands, e-mail: [email protected]
