Is it possible by anyway (maybe with inetd) to make 443 port serve both as sshd and as httpd SSL? Perhaps by analysing the request, if request is "CONNECT", then let httpd handle the connection; if request is ssh initialization, then let sshd handle it.
Asked
Active
Viewed 363 times
7
-
9Why in the world would you want to do this? The only reason I can think of for something like this would be to go around company firewall policies. – Zypher Feb 09 '11 at 02:19
-
1@Zypher: Good suggestion. – Orbling Feb 09 '11 at 02:55
-
2@Zypher: you are right, that's what I wanted to do – xiamx Feb 09 '11 at 16:56
-
2@Zypher: I do not see how this is off-topic, it may be undesirable behaviour, but it is still server software setup, it is not "off-topic". Just unpleasant. – Orbling Feb 10 '11 at 03:03
-
1@Zypher Wow. Responses like yours ("Why do you want to do that?") make me irrationally angry. There are lots of places with open wifi (e.g. the local library) which for reasons *I* don't understand block ssh, which at times prevents me from doing my work which requires ssh into my various servers. – Michael Dec 28 '15 at 21:40
-
Too bad people closed the question. The correct answer is yes. Give [SSLH](http://www.rutschle.net/tech/sslh.shtml) a test. – Aaron Dec 27 '16 at 23:09
3 Answers
6
No. When an SSH client connects, the server sends an announcement. When HTTP SSL connects the server waits for the client to start the SSL handshake (ClientHello). They're mutually exclusive ways to start the protocols.
Chris S
- 77,945
- 11
- 124
- 216
-
1You can use [SSLH](http://www.rutschle.net/tech/sslh.shtml) to accomplish this. – Aaron Dec 27 '16 at 23:11
3
You could conceivably write a program to sit on the port, sniff the packets coming in and act as a proxy forward to the sshd and httpd servers. I can not think of any existing software that would handle that directly and transparently.
Bit like those automatic fax/phone switchers.
Orbling
- 298
- 5
- 8
1
You could write a program to do what you suggest (analyze the incoming traffic and send it to httpd or sshd), but I don't of any existing project.
Steven
- 3,029
- 20
- 18