[UFO Chicago] SSL Proxy Multiplexor

jay jay at m5.chicago.il.us
Sun Aug 7 08:33:39 PDT 2016


Fellow Nerds,

Sometimes when I am out of town, I find myself working in an
environment in which all outgoing ports except 80 and 443 are blocked
(some idiots think that "providing your customers with Internet
connectivity" is equivalent to "providing your customers with the
ability to access the World Wide Web with a browser").  This means
that I am unable to ssh in to my computer, which is a huge
inconvenience, because that is how I read my electronic mail, my
electronic mail does not get delivered to google.com or yahoo.com or
aol.com where the FBI gets to look at it without telling me, I run an
SMTP server on my home computer and my mail gets delivered directly to
me.

The solution, of course, is to provide ssh on port 443, right?  Well,
not so fast.  I may want to provide https: content on my website.
What do I do?  It occurs to me that I could provide a server on port
443 that looks at incoming traffic, and, if it looks like https, it
sends it off to a suitable local port where Apache is ready to serve
out https: content, and, if it looks like ssh, it sends it off to a
suitable local port where sshd is waiting.

I could probably write that program myself, but I don't want to,
because I have a life, and it would be tedious to write.  The incoming
traffic is SSL-encrypted, so I'd have to decrypt it first so as to be
able to look at it and tell what kind of traffic it is, but the
original encrypted traffic is what I'd have to send to ssh or Apache,
because that's what they're expecting.

So, since laziness is one of the cardinal virtues of programming, has
anyone already written this program, and open-sourced it?  To repeat,
I want a server that will listen on port 443 and then redirect
encrypted incoming traffic either to Apache or to sshd, as
appropriate.  Thank you in advance for any and all replies.


                        Jay F. Shachter
                        6424 N Whipple St
                        Chicago IL  60645-4111
                                (1-773)7613784   landline
                                (1-410)9964737   GoogleVoice
                                jay at m5.chicago.il.us
                                http://m5.chicago.il.us

                        "Quidquid latine dictum sit, altum videtur"


More information about the ufo mailing list