[lug] (semi-OT) ssh proxy

John Hernandez John.Hernandez at noaa.gov
Tue May 24 14:18:37 MDT 2005


Luke, SSH does not lend itself to "transparent" proxy because the
protocol itself attempts to validate the identity of the destination.
Your proxy would be identified as a potential "man-in-the-middle" attacker.

However, from another point of view, interactive SSH sessions can be
manually proxied.  For example, ssh to some "gateway" machine, then from
there, ssh to some destination.  That's it.  You can even configure sshd
on the "gateway" to provide ONLY an ssh client session rather than a
full-blown shell.  No additional software required.

Yet another proxy-like functionality built into OpenSSH is port
forwarding, which allows you to tunnel just about any TCP service
through (possibly untrusted) networks to some gateway node.

As for SSL proxy, see if Stunnel meets your needs:
http://www.stunnel.org/

luke p wrote:
> It's trivial to find a free HTTP proxy out on the web, but anyone know of
> any available SSH proxies and/or SSL?
> Thanks,
> Luke
> 

-- 

 |  John Hernandez - NOAA Boulder NOC - 303-497-6392
 |  Mailstop R/OM62. 325 Broadway, Boulder, CO 80305
 |  PGP Public Key ID: 586A7E23
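
The gateway arrangement described in the message above, sketched as an added example that is not part of the original post: an sshd_config fragment for the gateway with one account limited to an onward ssh client session and one limited to a single port forward. The account names, host names and the /etc/ssh/ssh_config.gateway path are placeholders chosen for illustration.

```conf
# /etc/ssh/sshd_config on the gateway (added example, placeholder names)

# Account that only gets an onward ssh client session, never a shell.
Match User jumpuser
    # Runs in place of the login shell for every connection.
    # -e none : disables the client escape character, so the onward
    #           session cannot be used to open ad-hoc forwards.
    # -F      : reads a root-owned client config instead of the user's
    #           ~/.ssh/config, so a user-supplied ProxyCommand is ignored.
    ForceCommand /usr/bin/ssh -e none -F /etc/ssh/ssh_config.gateway dest.example.internal
    AllowTcpForwarding no
    AllowAgentForwarding no
    X11Forwarding no
    PermitTunnel no

# Account that only carries one TCP forward through the gateway.
Match User tunneluser
    # Local (client-to-destination) forwards only, to one permitted target.
    AllowTcpForwarding local
    PermitOpen intranet.example.internal:80
    # No terminal and no usable command; clients connect with "ssh -N".
    PermitTTY no
    ForceCommand /bin/false
    AllowAgentForwarding no
    X11Forwarding no
    PermitTunnel no
```

In both cases the client still verifies the gateway's host key, and in the first case the onward ssh on the gateway verifies the destination's host key, so neither hop is a transparent proxy.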


