[OmniOS-discuss] SSH over HTTPS

[Jim Klimov]

On 2013-12-16 23:46, Michael Mounteney wrote:
> Hello, to get around super-tight restrictions in my workplace, I'm looking for an SSH over HTTPS solution.  My home server runs OmniOS (of course) and my workplace is a M$ shop through and through.
>
> Running sshd on port 443, and connecting via Putty, doesn't work.  I don't know why as surely their firewall must allow https traffic, but it doesn't.  I don't understand these things fully.

Does (from work to home) "telnet home 443" print the SSH banner
like this?

SSH-2.0-Sun_SSH_1.5


Are there any logs about broken connections at home? Maybe there
is something bad about MTU mismatches, etc.?

Hint: you can set up IPFILTER with a "custom" config via files
and "log" all packets from your work's IP address(es), then go
review the ipmon logs.

> Please don't warn me about the dangers of being found out:  I don't really care.

Beside SSH, take a look at OpenVPN - they had some method of
co-existing with an HTTPS server. Possibly, your work's firewall
is smart enough to probe the port you requested and find out that
there is no HTTP(S) on it, so it denies the connection. If your
home's port 443 does serve HTTPS, even if just an Apache Welcome
page, this test would likely pass.

If this works, you can fire up an OpenVPN client connection from
work to home, and use SSH with minimal encryption inside this
tunnel. This does add overhead, but should work.

HTH,
//Jim