openSSH 5.8p2 BindPort patch

Alex Bligh alex at
Fri Jul 22 02:02:30 EST 2011

--On 20 July 2011 14:12:38 +1000 Darren Tucker <dtucker at> wrote:

>> The proxy im trying to get through only allows ssl on ports 443 from
>> port 443, i have no idea why,
> That sounds quite broken since TCP connections are uniquely identified
> by the 4-tuple of source IP, source port, destination IP, destination
> port.  If your proxy does what you describe it would limit you to only
> one outbound SSL connection at any time and I would suspect something
> is misconfigured.

It might well be broken, but that is an argument in favour of the
patch: getting around broken firewalls is a classic use-case for

Rory: you might also try running ssh on port 443 somewhere outside
the firewall; I can't believe they will filter https connections
by source port.

Alex Bligh

More information about the openssh-unix-dev mailing list