openSSH 5.8p2 BindPort patch
Rory McNamara
pink.banana.fish at gmail.com
Fri Jul 22 21:05:40 EST 2011
I remembered last night that i used chrome on debian with the proxy,
and successfully accessed a https site. If i try to connect to port 22
without setting the sourceport, i get reset, probably from the
firewall. If i try to connect to port 443 without setting the
sourceport, that is the error i recieve. So i believe you are right
that it only occurs if you use CONNECT. I can confirm that i tried
connecting to port 443 and still got the error, as i documented what i
tried as i went along
On Thu, Jul 21, 2011 at 7:59 PM, Gert Doering <gert at greenie.muc.de> wrote:
> Hi,
>
> On Thu, Jul 21, 2011 at 05:23:01PM +0100, Rory McNamara wrote:
>> My home ssh is running on port 443, well, port forwarded 443->22, but
>> it's the same pretty much. As far as i know, the error code is:
>>
>> Error Code: 502 Proxy Error. The specified Secure Sockets Layer (SSL)
>> port is not allowed. ISA Server is not configured to allow SSL
>> requests from this port. Most Web browsers use port 443 for SSL
>> requests.
>
> This error would surprise me a lot. None(!) of the unix web browsers
> run by normal users are able(!) to use a source port of 443, as it is
> a privileged port only root can use.
>
> Now, that error message with "... to allow SSL request *to* this port."
> is fairly typical if you try to use a proxy to CONNECT to a port 22
> etc. (non-SSL ports).
>
> gert
> --
> USENET is *not* the non-clickable part of WWW!
> //www.muc.de/~gert/
> Gert Doering - Munich, Germany gert at greenie.muc.de
> fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
>
More information about the openssh-unix-dev
mailing list