My work block everything except port80. Howto ssh -> lino

My workplace block everything except port 80. How could I ssh from my work client computer into my linode server?

Putty wont work and neither will the ssh java client in webmin, since they both use port 22 for ssh access. Any ideas?

I don't want to install anything on the work client computer since the IT department does not allow me to. But there is IE7 and Java preinstalled.

I tried to configure my linode sshd to listen to port 80, but the connections seems to immediately be cut off.

10 Replies

If they block everything outbound except port 80, it's very likely that they also transparently proxy (or protocol check) outbound connections on port 80.

If the outbound SSH connection doesn't conform to HTTP, it'll probably be blocked, even if it does use port 80.

If you use/need your Linode for work, ask IT to open up port 22 access for you. If it's for private use, whadda you doing accessing it from work? ;-)

Having said all that, have a look at tunneling SSH over HTTP:

http://www.mtu.net/~engstrom/ssh-proxy.php

–deckert

Hi again…

One more comment: try making your SSH client listen on port 443 - many organizations only proxy port 80, while letting port 443 through for direct secure connections.

--deckert

Thanks for your advice, Deckert. I'll look into it next time I'm at work and report the result.

My work blocks everything apart form 80 and 443. So i have sshd running on 22 and 443 on my linode.

And then use putting to connect to the server on port 443, but make sure you specific your http proxy and set the right details up for it.

Works a treat where i am

I tried to buy another ip for my linode node because I already run webmin on port 443. I configured the /etc/network/interfaces file (I run Debian Etch), restarted the server and typed "ifup eth1". It didn't work.

I tried "lspci -v" to see if there was more than one nic, but that didn't work either.

Does anyone know what I have to do to get my second ip up and running and sshd to listen at the second ip address on port 443, while at the same time let the first ip address continue to listen to webmin traffic, also on port 443?

http://www.linode.com/wiki/index.php/Multiple_IPs

Webmin also has a Command Shell which doesn't require any other ports. It's non-interactive, so not quite an answer. I'm working on an AJAX version which will be fully interactive, but it'll be a few weeks before that's anything resembling usable.

The SSL tunnels feature also won't work, if you don't have a free port.

Thanks everyone. It works as intended now.

I configured /etc/network/interfaces according to the instructions at: http://www.linode.com/wiki/index.php/MultipleIPs, altered /etc/ssh/sshdconfig like this:

Port 22

ListenAddress 64.22.109.86:443

ListenAddress 64.22.109.195:22

I ran /etc/init.d/ssh restart and it started to work. Well, maybe I restarted the server once also. I don't remember.

Using zebedee (http://www.winton.org.uk/zebedee/)

you can tunnel any number of ports through port 443.

So for example, tunnelling 22 and 5900 lets me use

both SSH and VNC to my linode from work. Zebedee

compresses and encrypts packets, and encrypted

packets are expected on port 443 traffic, no problem.

The zebedee server listens on the linode, and I start/stop

a batch file on the Windoze side at the office to enable

the tunnel. Some of my fellow techno-dweebs at the

office emulate this process to access their home networks.

James

You could give AjaxTerm a whirl, and just set it up inside a (hopefully SSL'd) vhost in Apache.

http://antony.lesuisse.org/qweb/trac/wiki/AjaxTerm

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct