Linode Forum :: My work block everything except port80. Howto ssh -> lino

Linode Forum https://forum.linode.com/

My work block everything except port80. Howto ssh -> lino https://forum.linode.com/viewtopic.php?f=19&t=2784	Page 1 of 1

Author:	harmone [ Mon Jun 25, 2007 4:39 pm ]
Post subject:	My work block everything except port80. Howto ssh -> lino
My workplace block everything except port 80. How could I ssh from my work client computer into my linode server? Putty wont work and neither will the ssh java client in webmin, since they both use port 22 for ssh access. Any ideas? I don't want to install anything on the work client computer since the IT department does not allow me to. But there is IE7 and Java preinstalled. I tried to configure my linode sshd to listen to port 80, but the connections seems to immediately be cut off.

Author:	Deckert [ Mon Jun 25, 2007 5:41 pm ]
Post subject:
If they block everything outbound except port 80, it's very likely that they also transparently proxy (or protocol check) outbound connections on port 80. If the outbound SSH connection doesn't conform to HTTP, it'll probably be blocked, even if it does use port 80. If you use/need your Linode for work, ask IT to open up port 22 access for you. If it's for private use, whadda you doing accessing it from work? Having said all that, have a look at tunneling SSH over HTTP: http://www.mtu.net/~engstrom/ssh-proxy.php --deckert

Author:	Deckert [ Mon Jun 25, 2007 5:46 pm ]
Post subject:
Hi again... One more comment: try making your SSH client listen on port 443 - many organizations only proxy port 80, while letting port 443 through for direct secure connections. --deckert

Author:	harmone [ Mon Jun 25, 2007 5:58 pm ]
Post subject:
Thanks for your advice, Deckert. I'll look into it next time I'm at work and report the result.

Author:	Internat [ Mon Jun 25, 2007 7:21 pm ]
Post subject:
My work blocks everything apart form 80 and 443. So i have sshd running on 22 and 443 on my linode. And then use putting to connect to the server on port 443, but make sure you specific your http proxy and set the right details up for it. Works a treat where i am

Author:	harmone [ Tue Jun 26, 2007 5:31 pm ]
Post subject:
I tried to buy another ip for my linode node because I already run webmin on port 443. I configured the /etc/network/interfaces file (I run Debian Etch), restarted the server and typed "ifup eth1". It didn't work. I tried "lspci -v" to see if there was more than one nic, but that didn't work either. Does anyone know what I have to do to get my second ip up and running and sshd to listen at the second ip address on port 443, while at the same time let the first ip address continue to listen to webmin traffic, also on port 443?

Author:	caker [ Tue Jun 26, 2007 6:28 pm ]
Post subject:
http://www.linode.com/wiki/index.php/Multiple_IPs

Author:	SwellJoe [ Wed Jun 27, 2007 3:30 am ]
Post subject:
Webmin also has a Command Shell which doesn't require any other ports. It's non-interactive, so not quite an answer. I'm working on an AJAX version which will be fully interactive, but it'll be a few weeks before that's anything resembling usable. The SSL tunnels feature also won't work, if you don't have a free port.

Author:	harmone [ Thu Jun 28, 2007 2:45 am ]
Post subject:
Thanks everyone. It works as intended now. I configured /etc/network/interfaces according to the instructions at: http://www.linode.com/wiki/index.php/Multiple_IPs, altered /etc/ssh/sshd_config like this: # Port 22 ListenAddress 64.22.109.86:443 ListenAddress 64.22.109.195:22 I ran /etc/init.d/ssh restart and it started to work. Well, maybe I restarted the server once also. I don't remember.

Author:	zunzun [ Thu Jun 28, 2007 5:40 am ]
Post subject:
Using zebedee (http://www.winton.org.uk/zebedee/) you can tunnel any number of ports through port 443. So for example, tunnelling 22 and 5900 lets me use both SSH and VNC to my linode from work. Zebedee compresses and encrypts packets, and encrypted packets are expected on port 443 traffic, no problem. The zebedee server listens on the linode, and I start/stop a batch file on the Windoze side at the office to enable the tunnel. Some of my fellow techno-dweebs at the office emulate this process to access their home networks. James

Author:	ArbitraryConstant [ Wed Jul 04, 2007 9:47 am ]
Post subject:
You could give AjaxTerm a whirl, and just set it up inside a (hopefully SSL'd) vhost in Apache. http://antony.lesuisse.org/qweb/trac/wiki/AjaxTerm

Page 1 of 1	All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/