SSH Over HTTPS
This method uses HTTPS with TLS encryption to encapsulate SSH traffic. This allows SSH traffic to appear as if it's HTTPS traffic, and can be useful to bypass firewalls that block port 22 (SSH).
server: apache, nginx client: corkscrew
** TO CONFIRM WITH A PRACTICAL EXPERIMENT and further develop the documentations
Firewalls with destination port 22 restriction only
Firewalls can be configured to block SSH traffic by the default destination port number 22. Thus, by changing the port that the SSH server listens to, these types of firewalls can be potentially bypassed.
Server side
The ListenAddress value can be used to change the listen address on the SSH server. This configuration can be done by editing the /etc/ssh/sshd_config file.
The allowed format for the ListenAddress value configuration (https://linux.die.net/man/5/sshd_config):
ListenAddress host|IPv4_addr|IPv6_addr
ListenAddress host|IPv4_addr:port
ListenAddress [host|IPv6_addr]:port
Client side
Example
Suppose I want my SSH server to listen on port 22888.
Firewalls with destination port 22 restriction & deep packet inspection
Some firewalls may implement deep packet inspection to identify and block SSH traffic by other methods aside from the destination port number. A method to enable SSH traffic over HTTPS can be utilized to potentially bypass the firewalls.
The SSH over HTTPS is essentially the same as normal HTTPS with HTTP headers such as Host, User-Agent, Content-Length, etc. with the exception that the body will include SSH data rather than the usual Javascript/HTML content
Client side: Tools such as corkscrew is required to establish TLS connection: with the handshake and other processes.
Server side: apache/nginx server required to configure the server to listen over HTTPS, before routing the SSH traffic to port 22 (where the actual SSH server is running)
Corkscrew example from ChatGPT
Last updated