Linode Forum
https://forum.linode.com/

How to access my linode behind a firewall that locks port 22?
https://forum.linode.com/viewtopic.php?f=19&t=10275
Page 2 of 4

Author:  sblantipodi [ Thu Jul 25, 2013 4:22 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

I suggest that all suggesters understand what the problem is:
- I can't bind SSH to 80 and 443 because my linode runs a webserver
- I don't have another linux machine where I can bind ssh to 80 or 443
- I don't need an ajax console because I need ssh for tunneling

Author:  kyhwana [ Thu Jul 25, 2013 4:27 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

sblantipodi wrote:
I suggest that all suggesters understand what the problem is:
- I can't bind SSH to 80 and 443 because my linode runs a webserver


Use sslh, you can bind it to port 443 and it will forward to https/ssh depending on what you use to connect to it.

Author:  sblantipodi [ Thu Jul 25, 2013 4:56 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

I found that I can open port 21.
I switched my SSH to port 21, now I can connect to SSH without any problems from my corporate network.

The problem is that as soon as I try to tunnel something on my SSH the SSH connection is closed.
Does it depend on my linode or the corporate firewall?

Thanks.

Author:  sblantipodi [ Thu Jul 25, 2013 5:17 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

kyhwana wrote:
sblantipodi wrote:
I suggest that all suggesters understand what the problem is:
- I can't bind SSH to 80 and 443 because my linode runs a webserver


Use sslh, you can bind it to port 443 and it will forward to https/ssh depending on what you use to connect to it.


This is a great finding, I installed it on my linode, but how do I use this software now?
I cannot find a guide.

Author:  kyhwana [ Thu Jul 25, 2013 5:26 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

sblantipodi wrote:
kyhwana wrote:
sblantipodi wrote:
I suggest that all suggesters understand what the problem is:
- I can't bind SSH to 80 and 443 because my linode runs a webserver


Use sslh, you can bind it to port 443 and it will forward to https/ssh depending on what you use to connect to it.


This is a great finding, I installed it on my linode, but how do I use this software now?
I cannot find a guide.


Read the readme/website.

Author:  sblantipodi [ Thu Jul 25, 2013 6:03 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

kyhwana wrote:
Read the readme/website.


Readme doesn't help at all...

Author:  sblantipodi [ Thu Jul 25, 2013 6:30 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

I'm thinking of a solution that needs no additional software.
I change my 443 SSL port to 8443, and I switch my SSH port to 443.

How can I redirect all https traffic to 8443 using apache?

Author:  sblantipodi [ Thu Jul 25, 2013 6:37 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

I configured SSLH and started it correctly.
I switched the SSL port to 8443, I configured the sslh file,
port 443 is opened by sslh, when I try to connect to SSH using 443, my server says connection refused (tried also with iptables off)

any idea?

Author:  kyhwana [ Thu Jul 25, 2013 6:39 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

sblantipodi wrote:
I configured SSLH and started it correctly.
I switched the SSL port to 8443, I configured the sslh file,
port 443 is opened by sslh, when I try to connect to SSH using 443, my server says connection refused (tried also with iptables off)

any idea?

Are you sure sslh is actually running and listening on your external/public interface?
(Paste "sudo netstat -plant")

Author:  zunzun [ Thu Jul 25, 2013 7:43 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

deleted

Author:  sblantipodi [ Thu Jul 25, 2013 8:01 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

Hi, my SSH is configured on port 4888.
If I connect from a normal internet connection I can ssh 4888 without problem.

Now I told SSLH to listen on 443 and to redirect the SSH traffic to 4888.
If I SSH 443, I get connection refused also from a normal internet connection.

Author:  sblantipodi [ Thu Jul 25, 2013 8:15 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

I'm quite sure that SSLH is working OK since it redirects my HTTPS traffic to port 8443 correctly.
It also redirects the ssh traffic correctly to the ssh port, but SSH rejects this redirection,
probably I need to configure ssh.
Any idea?

Author:  sblantipodi [ Thu Jul 25, 2013 8:21 am ]
Post subject:  Re: How to access my linode behind a firewall that locks port

OK, I found the arcane.
In my ssh_config file I had:
ListenAddress mylinodepublicip

with this configuration I was not able to use sslh correctly.

Now I changed to
ListenAddress 127.0.0.1

and now it works like a charm.

I have SSL running on 8443, SSH on 4888, SSLH on 443 that redirects SSH and HTTPS traffic correctly to the correct port.

Are there any security issues in this way of managing things?
Are there any security issues with
ListenAddress 127.0.0.1
???

Author:  Piki [ Thu Jul 25, 2013 1:02 pm ]
Post subject:  Re: How to access my linode behind a firewall that locks port

I cannot think of any security issue with using 127.0.0.1, or really any IP address you have direct access to on the machine running ssh. However, you can safely run ssh on your Linode without a ListenAddress (just place a # in front of it). ListenAddress is meant primarily for machines with multiple IP addresses where it's more desirable to use only one or two.
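
Added example, not part of any post in this thread: a check over `netstat -plant` output that shows why sslh's hand-off to sshd was refused while sshd listened only on the public address, and that binding sshd to 127.0.0.1 also closes direct access to port 4888 from outside. The sample output is constructed, 203.0.113.10 is a placeholder for the Linode's public IP, the sslh backend addresses 127.0.0.1:4888 and 127.0.0.1:8443 are assumptions, and `listener_accepts` and `check` are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `netstat -plant` output on stdin
# and succeeds if a TCP connection to DEST (ip:port) would find a listener:
# a socket bound to exactly DEST, or to the wildcard 0.0.0.0 on that port.
listener_accepts() {
    dest=$1
    port=${dest##*:}
    awk -v dest="$dest" -v any="0.0.0.0:$port" '
        $1 == "tcp" && $6 == "LISTEN" && ($4 == dest || $4 == any) { found = 1 }
        END { exit (found ? 0 : 1) }'
}

# Constructed sample output; 203.0.113.10 stands in for the Linode public IP.
HEADER='Proto Recv-Q Send-Q Local Address      Foreign Address  State   PID/Program name'
# Before the fix: sshd bound only to the public address.
BEFORE="$HEADER
tcp   0  0 203.0.113.10:443   0.0.0.0:*  LISTEN  1201/sslh
tcp   0  0 203.0.113.10:4888  0.0.0.0:*  LISTEN  845/sshd
tcp   0  0 0.0.0.0:8443       0.0.0.0:*  LISTEN  990/apache2"
# After the fix: sshd bound to loopback only.
AFTER="$HEADER
tcp   0  0 203.0.113.10:443   0.0.0.0:*  LISTEN  1201/sslh
tcp   0  0 127.0.0.1:4888     0.0.0.0:*  LISTEN  845/sshd
tcp   0  0 0.0.0.0:8443       0.0.0.0:*  LISTEN  990/apache2"

# check NETSTAT_TEXT DEST -> prints "ok" or "refused"
check() {
    if printf '%s\n' "$1" | listener_accepts "$2"; then
        echo ok
    else
        echo refused
    fi
}

# Assumed sslh backends: 127.0.0.1:4888 (ssh) and 127.0.0.1:8443 (https).
echo "before, sslh -> ssh:     $(check "$BEFORE" 127.0.0.1:4888)"
echo "after,  sslh -> ssh:     $(check "$AFTER" 127.0.0.1:4888)"
echo "after,  sslh -> https:   $(check "$AFTER" 127.0.0.1:8443)"
echo "after,  direct to 4888:  $(check "$AFTER" 203.0.113.10:4888)"
```

On the live host the same function can read real output, for example `sudo netstat -plant | listener_accepts 127.0.0.1:4888`.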

Author:  vonskippy [ Thu Jul 25, 2013 1:44 pm ]
Post subject:  Re: How to access my linode behind a firewall that locks port

Maybe his employer's IT Dept puts those port blocks on their outbound network because they, you know, expect their workers to . . . . work, and not manage their hobbies on company time.

//just saying//

All times are UTC-04:00