amuck-landowner

SSH on restrictive networks

D. Strout

Resident IPv6 Proponent
So I've just moved to college, and apparently the network here blocks all ports except 80 (HTTP) and 443 (HTTPS). Right now I'm having someone not in this network try to set up an SSH server on port 443, but I'm concerned the firewall will be too "smart", and recognize that, hey, this ain't HTTPS. If that's the case, what are my options? Remember, I can only communicate on 80 and 443. I've talked to the college tech support, and they can't (won't) help, so now what? I'm going to be here for a year, and I can't go without my servers for that long.
 

HostUS-Alexander

Active Member
Verified Provider
Same for me, i set up a OpenVPN Server on a VPS on port 443. Connect to that and everything will work, as HTTPS is encrypted, hence they can't see what your using + Looks like standard HTTP/s Traffic/
 

D. Strout

Resident IPv6 Proponent
OK, if SSH doesn't work, I'll see about getting my friend to set up OpenVPN instead. Good idea. Any others?
 

drmike

100% Tier-1 Gogent
My money is on you will be fine with anything other either port (80 of 443).  Especially crypto'd payloads.  How would they know what is there.  All that sniffing and packet analysis.  Sure, doable, but not likely.

What time of school is it - private, state university, other?

Wonder how many others are being held back by these networks.    Good idea to tighten things up, but a tad excessive.
 

mikho

Not to be taken seriously, ever!
Access to ssh from a webpage has been discussed before. Cant remember names or anything since I wasnt interested at that time.


Not sure if it was here or over at LE*. Some good options though.
 

drmike

100% Tier-1 Gogent
Confirmed, he's off to the races now.  SSH over port they allow.  Simple easy fix / workaround.
 

D. Strout

Resident IPv6 Proponent
Confirmed, he's off to the races now.  SSH over port [443] they allow.  Simple easy fix / workaround.
Yep, thanks @ for your help.

You should try this: https://github.com/liftoff/GateOne I have tried it on lowendspirit UK and works great :)
Well, considering that the demo failed, I'd assume they use some port that, again, is blocked. Too bad, does seem like a nice system. Curious if anyone knows/can come up with any security risks from running SSH on port 443. Practically, of course, with SSH on 443 setting up HTTPS is out of the question. I can handle that, but I'm wondering about security risks.
 

drmike

100% Tier-1 Gogent
HTTPS can get plugged onto another port :)

No security issue with non standard port.  Actually is recommended paranoid thing to do.
 

5n1p

New Member
Yep, thanks @ for your help.

Well, considering that the demo failed, I'd assume they use some port that, again, is blocked. Too bad, does seem like a nice system. Curious if anyone knows/can come up with any security risks from running SSH on port 443. Practically, of course, with SSH on 443 setting up HTTPS is out of the question. I can handle that, but I'm wondering about security risks.
it uses 443 (https), i have send you PM to try it from my system (you will need ipv6 thought, since its ipv6 only vps) . 
 
Last edited by a moderator:

KuJoe

Well-Known Member
Verified Provider
Get a FreedomPop WIFI single. Free 500MB of data per month at 4G speeds. Should be plenty for SSH.
 

wcypierre

New Member
Yep, thanks @ for your help.

Well, considering that the demo failed, I'd assume they use some port that, again, is blocked. Too bad, does seem like a nice system. Curious if anyone knows/can come up with any security risks from running SSH on port 443. Practically, of course, with SSH on 443 setting up HTTPS is out of the question. I can handle that, but I'm wondering about security risks.
How did the demo failed? I always use it to access my server whenever I'm using public wifi, and with the https implemented, it makes the life of the hacker a bit harder in decrypting your traffic ;)
 
Last edited by a moderator:

NodeBytes

Dedi Addict
Set up a second cheap VPS to access others with. Not super practical but it's better than setting port 443 on a production server.
 

KuJoe

Well-Known Member
Verified Provider
Set up a second cheap VPS to access others with. Not super practical but it's better than setting port 443 on a production server.
I have a VPS that I use mainly for connecting to other VPSs like this. It's a Windows 7 box using a custom RDP port with MTPuTTY running on it so it has about a dozen or so tabs at any time. It has the added benefit of always being online so if I lose power or need to go some place I can disconnect from the VPS and reconnect later to finish what I was doing.

I'm actually typing this reply from said VPS and I have my Raspberry Pi setup to act as a thin client for this VPS so I can use my RPi for pretty much anything except for gaming. :D
 
Top
amuck-landowner