SSHTTP

This provides a client and server for getting around SSH restrictions by tunnelling the connection over HTTPS.

This works pretty simply:

  • Destination server:
    • Listens for websockets
    • Forwards connected traffic to local SSH port
  • Client:
    • Listen for net connetion on a port
    • Forwards to destination server

A sample setup might be:

Server:

sshttp --certPath=./ --listenOn="127.0.0.1:62528" --forwardTo=22

Note that the above requires certPath to have the certificate files:

  • server.crt
  • server.key

Client:

sshttp_client --listenOn=":25001" --proxy=":62528"

There is an –insecure flag if you don’t want to validate the server’s certificate.

To connect via SSH, you can simply do:

ssh [email protected] -p 25001

If the client proxy is on port 25001, it would forward the SSH traffic to the remote proxy which would connect you to the SSH daemon.

Note: This seems to work great, but it is pretty bare bones.

GitHub

View Github