Who cares if nobody can work, the important is that those illegal streams are blocked

  • jabjoe@feddit.uk
    link
    fedilink
    English
    arrow-up
    2
    ·
    11 months ago

    In your .ssh/config you want something like:

    Host my-ssh-ssl Hostname us01.ssh0.net User sshocean-p1r4t2br Password myparrot2 Port 443 ProxyCommand ~/.ssh/https-tunnel.sh %h %p

    Then you have a ~/.ssh/https-tunnel.sh something like:

    #!/usr/bin/env bash { printf “GET /HTTP/1.1\r\nHost:$1\r\nUpgrade:websocket\r\n”; cat } | openssl s_client -connect $1:$2 -servername $1

    That last bit, -servername is the SNI bit, if you need it. BUT I think that payload might be for port 2083. I think 443 might be just the OpenSSL connect directly.