[Wylug-help] SSH over HTTP/HTTPS (Corkscrew?)

Smylers Smylers at stripey.com
Wed Sep 26 21:49:41 BST 2007


Dave Fisher writes:

> On Wed, Sep 26, 2007 at 06:11:09PM +0100, Steve King wrote:
> 
> > I use HTS http tunnel  running on my home computer to let me ssh to
> > it.  Every so often the server needs a restart, but I've made a cgi
> > page on my box to let me do that remotely.
> > 
> > If this seems like the sort of thing you want mail me back.  A quick
> > google has found http://www.nocrew.org/software/httptunnel/faq.html
> > but that's not the site I used when I set it up.
> 
> Is the ssh traffic always encrypted?

Yes.  Because the ssh command that you type isn't aware of the proxy
set-up; you're SSH-ing to localhost, and so far as the ssh command is
concerned that's what's going on, so it speaks its usual encrypted SSH
protocol thingy.  HTS magically teleports the bytes it receives on
localhost back to your server, gets a response from there, and then
re-sends the response verbatim to your SSH client -- which is unaware
the bytes have come from anywhere else.

HTS, being in the middle and not having access to any SSH keys or
whatever, isn't able to decrypt the SSH traffic; all it can do is ship
bytes around.

> ... even though it doesn't necessarily signify, I still get a bit
> worried when I see developer examples using 'telnet'

Yeah, that isn't too clever.

Smylers



More information about the Wylug-help mailing list