openSSH 5.8p2 BindPort patch

Rory McNamara at
Fri Jul 22 21:05:40 EST 2011

I remembered last night that i used chrome on debian with the proxy,
and successfully accessed a https site. If i try to connect to port 22
without setting the sourceport, i get reset, probably from the
firewall. If i try to connect to port 443 without setting the
sourceport, that is the error i recieve. So i believe you are right
that it only occurs if you use CONNECT. I can confirm that i tried
connecting to port 443 and still got the error, as i documented what i
tried as i went along

On Thu, Jul 21, 2011 at 7:59 PM, Gert Doering <gert at> wrote:
> Hi,
> On Thu, Jul 21, 2011 at 05:23:01PM +0100, Rory McNamara wrote:
>> My home ssh is running on port 443, well, port forwarded 443->22, but
>> it's the same pretty much. As far as i know, the error code is:
>> Error Code: 502 Proxy Error. The specified Secure Sockets Layer (SSL)
>> port is not allowed. ISA Server is not configured to allow SSL
>> requests from this port. Most Web browsers use port 443 for SSL
>> requests.
> This error would surprise me a lot.  None(!) of the unix web browsers
> run by normal users are able(!) to use a source port of 443, as it is
> a privileged port only root can use.
> Now, that error message with "... to allow SSL request *to* this port."
> is fairly typical if you try to use a proxy to CONNECT to a port 22
> etc. (non-SSL ports).
> gert
> --
> USENET is *not* the non-clickable part of WWW!
>                                                           //
> Gert Doering - Munich, Germany                             gert at
> fax: +49-89-35655025                        gert at

More information about the openssh-unix-dev mailing list