Running SSHd on port 443

Toggle sidebar Toggle sidebar
B

BZeto

Platinum Member
Apr 28, 2002
2,428
0
76
I need to be able to access my home PC's with VNC. Seems the secure way to do it these days is tunnel it through SSH using something like Putty.
Anyway, it works fine on port 22 or a higher (non-standard) port except when im at work. We use an http proxy at work that seems to block these ports going outbound. So I changed the SSHd to run on port 443 and I can now access it through the proxy at work.

Are there any side effects of putting my SSH server on this port?
My one concern is if it will conflict with being able to access my router config using HTTPS.

Thanks
 
JackMDS

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,553
430
126
If you use UltraVNC you can use its encryption module, at 128bits it is as good as ssh and does not need a special port, it goes with the VNC.

You can use with VNC any port. I usually use ports higher than 55000 to be out of the way of most common ports. ( http://www.ezlan.net/vnc.html ).
 
P

p0lar

Senior member
Nov 16, 2002
634
0
76
Originally posted by: BZeto
I need to be able to access my home PC's with VNC. Seems the secure way to do it these days is tunnel it through SSH using something like Putty.
Anyway, it works fine on port 22 or a higher (non-standard) port except when im at work. We use an http proxy at work that seems to block these ports going outbound. So I changed the SSHd to run on port 443 and I can now access it through the proxy at work.

Are there any side effects of putting my SSH server on this port?
My one concern is if it will conflict with being able to access my router config using HTTPS.
Click to expand...

It depends heavily on the proxy method -- with HTTPS, I suspect since it works that it is based on the CONNECT method. Regardless, since it works, OpenSSH won't care, but your net admin may. ;)


 
B

BZeto

Platinum Member
Apr 28, 2002
2,428
0
76
Originally posted by: p0lar
<div class="FTQUOTE"><begin quote>Originally posted by: BZeto
I need to be able to access my home PC's with VNC. Seems the secure way to do it these days is tunnel it through SSH using something like Putty.
Anyway, it works fine on port 22 or a higher (non-standard) port except when im at work. We use an http proxy at work that seems to block these ports going outbound. So I changed the SSHd to run on port 443 and I can now access it through the proxy at work.

Are there any side effects of putting my SSH server on this port?
My one concern is if it will conflict with being able to access my router config using HTTPS.</end quote></div>

It depends heavily on the proxy method -- with HTTPS, I suspect since it works that it is based on the CONNECT method. Regardless, since it works, OpenSSH won't care, but your net admin may. ;)
Click to expand...
I'm only accessing it via SSH client (putty) from work (which has the proxy), I dont see why an admin would care. The SSH server is my home router.

 
B

BZeto

Platinum Member
Apr 28, 2002
2,428
0
76
Originally posted by: JackMDS
If you use UltraVNC you can use its encryption module, at 128bits it is as good as ssh and does not need a special port, it goes with the VNC.

You can use with VNC any port. I usually use ports higher than 55000 to be out of the way of most common ports. ( http://www.ezlan.net/vnc.html ).
Click to expand...

I may look into that. I mainly wanted to experiment with SSH and see how it works. The benefit of using SSH is I can tunnel more than just VNC if I needed to in the future.

 
P

p0lar

Senior member
Nov 16, 2002
634
0
76
Originally posted by: BZeto
I'm only accessing it via SSH client (putty) from work (which has the proxy), I dont see why an admin would care. The SSH server is my home router.
Click to expand...

The admin cares because you're piping information in/out through an unregulated channel. The admin is responsible for what traverses the network, and you are circumventing the methods by which such access is permitted. Although ultimate blame lies with the admin for leaving such holes open, it doesn't make you any less liable. Regardless, I'm not writing this to get onto your case, only that you need be aware that it is highly frowned upon. Back in my days as an admin/employee, I made life hell for people who swam upstream with respect to the network usage policy.

P.S. Not that I'm encouraging this behaviour, but you can actually establish IP tunnels using tun/tap devices with OpenSSH now rather than just tunneling TCP ports -- the down side is that you're likely tunneling TCP within TCP either way, which under less-than-ideal circumstances will degrade any reliability benefits TCP provides. Just my $0.02. :p
 
Nothinman

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
My one concern is if it will conflict with being able to access my router config using HTTPS.
Click to expand...

From the Internet side probably, from the inside probably not.

I'm only accessing it via SSH client (putty) from work (which has the proxy), I dont see why an admin would care.
Click to expand...

Because as you said, you can tunnel anything through SSH so you've got the ability to completely circumvent their browsing security policy.
 
B

BZeto

Platinum Member
Apr 28, 2002
2,428
0
76
Originally posted by: p0lar
<div class="FTQUOTE"><begin quote>Originally posted by: BZeto
I'm only accessing it via SSH client (putty) from work (which has the proxy), I dont see why an admin would care. The SSH server is my home router.</end quote></div>

The admin cares because you're piping information in/out through an unregulated channel.
Click to expand...

Ah I see. I thought you were talking about the admin caring which port I had my SSH server on. I understand what you were referring to now.

Thanks

 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom