http://blog.chmd.fr/ssh-over-ssl-a-quick-and-minimal-config.html
Since most who visit here are already familiar with Apache's HTTPD server, I won't go into all the gory details. If there is an unanswered question, visit the above link.
First, make sure you have the proxy module loaded! This is a must, or you will receive errors when starting. Next, open your SSL configuration that you want to allow the proxy on, and add the following :
ProxyRequests On
AllowConnect 139
<Proxy *>
Order deny,allow
Deny from all
</Proxy>
<Proxy 127.0.0.1>
Order deny,allow
Allow from all
</Proxy>
This essentially allows the proxy headers to tell Apache what you want to connect to, but limits it to only the localhost connection on port 139. All other proxy requests (unless you've added more) will be denied. Make sure you test it. If it's failing to fire up for you, try doing it over the unencrypted (HTTP) connections instead (you will have to change the Apache configs for that), and watch what it is doing.For the client side, you can connect to the proxy tunnel by installing the proxytunnel package, then using the command :
proxytunnel -E -p example.com:443 -d 127.0.0.1:139 -q
If you are having problems connecting to the tunnel, change the -q to a -v (quiet to verbose), and try it again. If you are not doing Samba access, but sending it to SSH, you can connect to the tunnel, add the following stanza to your $HOME/.ssh/config file :
Host example.com
ProxyCommand proxytunnel -q -E -p example.com:443 -d 127.0.0.1:139
DynamicForward 1080
ServerAliveInterval 60
This should allow you to run the ssh command where it sets up the connection for you. Try it out! Again, I'm not the expert here, I simply pilfered this information from http://blog.chmd.fr/ssh-over-ssl-a-quick-and-minimal-config.html (and there is much, much more available from that link!
No comments:
Post a Comment