The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My work

  • My badges

  • Twitter Updates

    • G+ These are the command-line parameters I assembled to get close to “Ultra” compression from the 7-zip... ift.tt/2ol0NhR 1 hour ago
    • Getting close to 7zip GUI “Ultra” compression from a batch file wiert.me/2018/02/23/get… 1 hour ago
    • RT @Nick_Craver: Nothing of what I planned to do today got done. Nothing. Nothing at all. But we kept the error count under 2.5 million beh… 8 hours ago
    • RT @kellabyte: I really don’t get the harsh criticism around Intel 3D XPoint. Yes they didn’t deliver persisted RAM. They did deliver 8x… 8 hours ago
    • G+ “Some managers just don’t recognize how profound the differences between their people are; others don’t... ift.tt/2FmOJUB 9 hours ago
  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,347 other followers

Notes and links on proxytunnel, sslh, apache, stunnel, putty, ssh and more

Posted by jpluimers on 2016/12/12

This is based on lots of help from Rui Seabra with a G+ remark I made a while ago: “So what would be a proper way to setup an SSH connection over HTTPS given that the proxy in between is CNTLM providing credentials to an NTLM authenticating proxy that does HTTPS man-in-the-moddle? Clients are Linux or Windows with admin access. On the outside Linux with admin access as well.
This is also becoming more and more relevant with “free” WiFi providers only allowing HTTP/HTTPS and playing HTTPS Man-in-the-Middle.”

So the situation is something like this:

  • client ssh client
  • stunnel client
  • man-in-the-middle HTTP/HTTPS proxy only allowing outgoing traffic on ports 80/443
  • server: sslh
    • server apache daemon
    • stunnel daemon
    • server ssh daemon

Some links:

–jeroen

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: