19 lines
846 B
Text
19 lines
846 B
Text
sslh lets one accept both HTTPS and SSH connections on
|
|
the same port. It makes it possible to connect to an SSH
|
|
server on port 443 (e.g. from inside a corporate firewall,
|
|
which almost never block port 443) while still serving HTTPS
|
|
on that port.
|
|
|
|
The idea is to have sslh listen to the external 443 port,
|
|
accept the incoming connections, work out what type of
|
|
connection it is, and then fordward to the appropriate
|
|
server.
|
|
|
|
The protocol detection is made based on a small difference
|
|
between SSL and SSH: an SSL client connecting to a server
|
|
speaks first, whereas an SSH client expects the SSH server
|
|
to speak first (announcing itself with a banner). sslh
|
|
waits for some time for the incoming connection to send data.
|
|
If it does before the timeout occurs, it is supposed to be
|
|
an SSL connection. Otherwise, it is supposed to be an SSH
|
|
connection.
|