It would be nice if OpenSSH would have features to circumvent network filters, like SSL tunneling

Emmanuel Deloget logout at free.fr
Thu Apr 20 23:51:26 AEST 2023


On Thu, 20 Apr 2023 at 08:47, Björn Lässig <b.laessig at pengutronix.de> wrote:
>
> On Wed, 2023-04-19 at 19:00 -0700, Yuri wrote:
> > I am in the network that is behind the Zscaler firewall.
> >
> > Virtually all ports except 80 and 443 are closed. ssh through any of
> > ports 80 and 443 is disallowed based on protocol content analysis.
> >
> >
> > It would be nice if OpenSSH would have some features that would allow
> > the user to break out of such a network.
> >
> >
> > I suggest that OpenSSH adds the SSL tunneling feature:
>
> Simply set up stunnel4 according to your needs.
> This way you can wrap ssh in ssl.
>
> Yours faithfully,
> Björn Lässig

Yet another alternative would be to use socat on both ends if you're
in control. There are in fact many solutions that would allow you to
do what you want.

Being able to evade security measures is not the purpose of OpenSSH -
and that's a good thing IMHO.

Best regards,

-- Emmanuel Deloget


More information about the openssh-unix-dev mailing list