sshd also talking HTTP

Damien Miller djm at mindrot.org
Thu Jul 10 22:24:11 EST 2003


Jan Pieter Cornet wrote:
> (I'm not subscribed to the list, please Cc me on replies).
> 
> We have configured sshd to listen on port 80 for some of our users who
> are behind sufficiently paranoid firewalls. However, others are now
> confused since they're expecting a web server on port 80.
> 
> So, I created a small patch (just as proof-of-concept so far), that
> determines the type of client connecting. A web client will start talking
> itself (GET, HEAD, etc...), while an ssh client will wait for the server
> to issue the greeting banner.
> 
> So, the patch simply waits 1 second (should be configurable) when someone
> connects to port 80 (should also be configurable), and if any data is
> available by then, it decides it's an HTTP client, not an SSH client,
> and sends a proper redirect.
> 
> The patch is attached (or in case the attachment gets stripped, also here:
> http://www.xs4all.nl/~johnpc/dirty-sshd-hack.txt )
> 
> Could a cleaned up version of this patch be useful for inclusion in future
> versions of Opensshd? 

Never.

Apart from the fact that it could be trivially implemented using a
wrapper program outside ssh, it is an utterly terrible idea.

What next? Make sshd understand SMTP headers too?

-d
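
The client-speaks-first heuristic from the quoted message, written as the kind of wrapper outside sshd that the reply mentions; this is an added example, not the patch from the thread and not OpenSSH code. It goes one step beyond "any data means HTTP" by peeking at the first bytes, because RFC 4253 does not require an SSH client to wait for the server before sending its `SSH-` identification string. The names `classify` and `demo` and the sample bytes are constructed for illustration.

```python
import select
import socket

HTTP_METHODS = (b"GET ", b"HEAD ", b"POST ", b"PUT ", b"DELETE ",
                b"OPTIONS ", b"TRACE ", b"CONNECT ")

def classify(conn, wait=1.0):
    """Label an accepted connection 'ssh', 'http' or 'unknown'.

    The bytes are read with MSG_PEEK so they stay queued for whichever
    backend the wrapper hands the socket to afterwards.
    """
    readable, _, _ = select.select([conn], [], [], wait)
    if not readable:
        return "ssh"        # silent client: waiting for the server banner
    head = conn.recv(8, socket.MSG_PEEK)
    if head.startswith(b"SSH-"):
        return "ssh"        # client sent its identification string first
    if head.startswith(HTTP_METHODS):
        return "http"
    return "unknown"        # closed, TLS, or anything else: do not guess

# Constructed first bytes for four kinds of client (not captured traffic).
SAMPLES = {
    "silent ssh client": b"",
    "eager ssh client": b"SSH-2.0-ExampleClient\r\n",
    "browser": b"GET / HTTP/1.0\r\n\r\n",
    "tls client": b"\x16\x03\x01\x00\x2f",
}

def demo(wait=0.2):
    """Classify each sample over a local socketpair; also report whether
    the peeked bytes are still readable afterwards."""
    results = {}
    for name, first in SAMPLES.items():
        client, server = socket.socketpair()
        try:
            client.sendall(first)
            label = classify(server, wait)
            intact = (server.recv(64) == first) if first else True
            results[name] = (label, intact)
        finally:
            client.close()
            server.close()
    return results

if __name__ == "__main__":
    for name, (label, intact) in demo().items():
        print(f"{name:18} -> {label:8} data preserved: {intact}")
```

A wrapper built on this would still need to handle a first segment shorter than the longest method name, which the single 8-byte peek here does not retry.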




More information about the openssh-unix-dev mailing list