How to allow SSH when the network is blocked on all ports except HTTP and HTTPS?
I'm curious to know how I can create a SSH tunnel which allows me to SSH via 443 and will work even after the server is rebooted?
I'm trying to use Laravel Forge to configure the server. However if the SSH ports are blocked, Laravel forge will not work. Hence, I'm trying to find a way to allow SSH for Laravel Forge via a tunneling agent.
Well if port 443 is used by the webserver you cannot reuse it for something else (actually there are ways to do such things) What I would suggest is to have the server create an outbound SSH connection to another box, quite likely that the firewall policy will allow this.
Do something like this:
ssh -L 2222:localhost:22 some.other.server
(Perhaps even make it persistent using a service. https://gist.github.com/drmalex07/c0f9304deea566842490)
Then login to some.other.server and do this:
ssh -p 2222 webserveruser@localhost
Or let your automation connect to this port.
To take it one step further you could use the jump option to hop directly through the intermediate server. Your .ssh/config could look something like this.
Host intermediate.server
HostName intermediate.server
User someuser
IdentityFile ~/.ssh/id_rsa
Host webserver
HostName localhost
User someuser
Port 2222
IdentityFile ~/.ssh/id_rsa
ProxyJump intermediate.server
effectively allowing you to do this:
ssh webserver
Gotta love ssh!
