RE: ssh over http

2006-11-29 Thread cbadescu 
Hi,

>> > On 11/27/06, Ansar Mohammed <[EMAIL PROTECTED]> wrote:
>> > > Hello All,
>> > > Is there any ssh over http implementation available for freebsd?

If yout proxy supports CONNECT method for certain port (usually 443 is
open because is used for HTTPS), then you just need to have ssh listening
on your machine on that port and use 'proxytunnel'
http://proxytunnel.sourceforge.net/

Otherwise, you can still use HTTP tunneling, but you must start one
aplication where you want to use the client, and other where is the
server.
http://www.nocrew.org/software/httptunnel/

Regards,
Ciprian Badescu
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ssh over http

2006-11-29 Thread Andrew Pantyukhin 

On 11/29/06, Atom Powers <[EMAIL PROTECTED]> wrote:

On 11/29/06, Tom Judge <[EMAIL PROTECTED]> wrote:
> Atom Powers wrote:
> > On 11/27/06, Ansar Mohammed <[EMAIL PROTECTED]> wrote:
> >> Hello All,
> >> Is there any ssh over http implementation available for freebsd?
> >
> > That doesn't even make sense. SSH is a transport layer protocol, HTTP
> > is an application layer protocol.
> >
>
> Both HTTP and SSH are application level transports,  however both can be
> used to tunnel TCP connections.  Therefore it is possible to use ssh
> over http.  The windows putty client can use http proxies to make
> outbound connections as long as your http proxy is configured to allow
> CONNECT requests to port 22.  If you using squid for example with a
> defaultish config you will need to update your proxy server configuration.

SSH is often paired with an application, a shell, but that doesn't
make it an application layer protocol. SSH establishes and manages a
transport layer connection between the client and server, over which
you can tunnel most other transport layer protocols.


You are right to a certain extent, but not enough to
make a good argument. I can't say wikipedia prides
itself on universal correctness, but still consult these
articles to clear any doubts about what layer ssh
may or may not belong to:

http://en.wikipedia.org/wiki/Ssh
http://en.wikipedia.org/wiki/Internet_protocol_suite
http://en.wikipedia.org/wiki/OSI_Model
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ssh over http

2006-11-29 Thread Atom Powers 

On 11/29/06, Tom Judge <[EMAIL PROTECTED]> wrote:

Atom Powers wrote:
> On 11/27/06, Ansar Mohammed <[EMAIL PROTECTED]> wrote:
>> Hello All,
>> Is there any ssh over http implementation available for freebsd?
>
> That doesn't even make sense. SSH is a transport layer protocol, HTTP
> is an application layer protocol.
>

Both HTTP and SSH are application level transports,  however both can be
used to tunnel TCP connections.  Therefore it is possible to use ssh
over http.  The windows putty client can use http proxies to make
outbound connections as long as your http proxy is configured to allow
CONNECT requests to port 22.  If you using squid for example with a
defaultish config you will need to update your proxy server configuration.



SSH is often paired with an application, a shell, but that doesn't
make it an application layer protocol. SSH establishes and manages a
transport layer connection between the client and server, over which
you can tunnel most other transport layer protocols.

This is very similar to the way SSL/HTTP are being used. SSL and TLS
are transport layer protocols that usually use the application layer
protocol HTTP. And like SSH, SSL/TLS can be used to tunnel other
transport layer protocols.

So what we are really talking about here is not "SSH over HTTP" but
"SSH through a HTTPS vpn/proxy", which doesn't use HTTP at all once
the session is established.

Nobody tunnels though HTTP, they use SSL/TLS.

--
--
Perfection is just a word I use occasionally with mustard.
--Atom Powers--
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ssh over http

2006-11-29 Thread Tom Judge 

Atom Powers wrote:

On 11/27/06, Ansar Mohammed <[EMAIL PROTECTED]> wrote:

Hello All,
Is there any ssh over http implementation available for freebsd?


That doesn't even make sense. SSH is a transport layer protocol, HTTP
is an application layer protocol.



Both HTTP and SSH are application level transports,  however both can be 
used to tunnel TCP connections.  Therefore it is possible to use ssh 
over http.  The windows putty client can use http proxies to make 
outbound connections as long as your http proxy is configured to allow 
CONNECT requests to port 22.  If you using squid for example with a 
defaultish config you will need to update your proxy server configuration.


Tom
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ssh over http

2006-11-28 Thread Andrew Pantyukhin 

On 11/29/06, Ansar Mohammed <[EMAIL PROTECTED]> wrote:

I think its pretty safe at this point in time to expect that everyone with a
computer far less than the list is familiar with google.
Probably a more helpful response would have been for you to recommend
something you have experience with. Someone was kind enough to point me to
something while it they don't have it running on FreeBSD works for them.

But I am sure that some people found your post inspirational. :)


Come on, don't be that :-)

Google does not lead to bare solutions, but to people with
experience. You clearly had not done your homework before
asking. I mean you didn't even say what you need and why
you need it; so the first response mused that you can't need
that.

Anyway, I understand you're not satisfied with my reply -
sincerest apologies for that. Here's a better (longer) one:

I expect you to have no difficulties in setting up an ssh
tunnel over http with "connect" method, supported by most
proxies. However, this method is filtered on most of them to
prevent the very thing we're talking about (plus a thousand
of other types of tunnels). I'm not sure a solution for ssh
over plain http (without "connect") is readily available, but
certainly there's nothing impossible about it.

To be fully compliant, you'll have to use pure pull model,
i.e. send a request for every packet you expect to get. That
means a lot of requests and huge round-trip-time, but that's
what you get for harassing protocols.

I'll leave it at that for now :-)

Please don't top-post.

Thanks for reminding me to behave! :)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: ssh over http

2006-11-28 Thread Ansar Mohammed 
I think its pretty safe at this point in time to expect that everyone with a
computer far less than the list is familiar with google. 
Probably a more helpful response would have been for you to recommend
something you have experience with. Someone was kind enough to point me to
something while it they don't have it running on FreeBSD works for them.

But I am sure that some people found your post inspirational. :)


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
> Andrew Pantyukhin
> Sent: November 28, 2006 5:45 PM
> To: Atom Powers
> Cc: Ansar Mohammed; freebsd-questions@freebsd.org
> Subject: Re: ssh over http
> 
> On 11/28/06, Atom Powers <[EMAIL PROTECTED]> wrote:
> > On 11/27/06, Ansar Mohammed <[EMAIL PROTECTED]> wrote:
> > > Hello All,
> > > Is there any ssh over http implementation available for freebsd?
> >
> > That doesn't even make sense. SSH is a transport layer protocol, HTTP
> > is an application layer protocol.
> 
> Listen to that - any tunnel is useless :-)
> 
> Ansar, is Google filtered at your place?
> 
> http://www.google.com/search?q=ssh+over+http

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ssh over http

2006-11-28 Thread Andrew Pantyukhin 

On 11/28/06, Atom Powers <[EMAIL PROTECTED]> wrote:

On 11/27/06, Ansar Mohammed <[EMAIL PROTECTED]> wrote:
> Hello All,
> Is there any ssh over http implementation available for freebsd?

That doesn't even make sense. SSH is a transport layer protocol, HTTP
is an application layer protocol.


Listen to that - any tunnel is useless :-)

Ansar, is Google filtered at your place?

http://www.google.com/search?q=ssh+over+http
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ssh over http

2006-11-28 Thread Ansar Mohammed 

Got one!
http://www.ericdaugherty.com/dev/sshwebproxy/

allot of vendors are now encapsulating their application protocols in
http... eg. citrix ica, exchange server mapi, msn messenger, there is even a
project to provide access to fileshares with samba over ssl see:
http://www.sslbridge.com/

Even with web services, http has become more of a transport protocol than an
app protocol.

there was a product from Wall Data a long time ago that did tn5250 over http
but I havent seen any open source projects that did this.



On 11/28/06, Garrett Cooper <[EMAIL PROTECTED]> wrote:


Jerry McAllister wrote:
> On Mon, Nov 27, 2006 at 11:54:27PM -0500, Ansar Mohammed wrote:
>
>
>> Hello All,
>> Is there any ssh over http implementation available for freebsd?
>>
>
> I guess I would expect that to read http over ssh.
> Is that what you mean.
>
> jerry
   If you want SSH access from a browser, try Mindterm
(). It's a Java Applet
that can establish client access with SSH servers.
-Garrett
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "
[EMAIL PROTECTED]"


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ssh over http

2006-11-28 Thread Garrett Cooper 

Jerry McAllister wrote:

On Mon, Nov 27, 2006 at 11:54:27PM -0500, Ansar Mohammed wrote:

  

Hello All,
Is there any ssh over http implementation available for freebsd?



I guess I would expect that to read http over ssh.
Is that what you mean.

jerry
   If you want SSH access from a browser, try Mindterm 
(). It's a Java Applet 
that can establish client access with SSH servers.

-Garrett
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ssh over http

2006-11-28 Thread Jerry McAllister 
On Mon, Nov 27, 2006 at 11:54:27PM -0500, Ansar Mohammed wrote:

> Hello All,
> Is there any ssh over http implementation available for freebsd?

I guess I would expect that to read http over ssh.
Is that what you mean.

jerry

> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ssh over http

2006-11-28 Thread Joe Holden 
Atom Powers wrote:
> On 11/27/06, Ansar Mohammed <[EMAIL PROTECTED]> wrote:
>> Hello All,
>> Is there any ssh over http implementation available for freebsd?
> 
> That doesn't even make sense. SSH is a transport layer protocol, HTTP
> is an application layer protocol.
> 

If you mean by a HTTP proxy, then yes, thats entirely possible.

Ta,
Joe
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ssh over http

2006-11-28 Thread Atom Powers 

On 11/27/06, Ansar Mohammed <[EMAIL PROTECTED]> wrote:

Hello All,
Is there any ssh over http implementation available for freebsd?


That doesn't even make sense. SSH is a transport layer protocol, HTTP
is an application layer protocol.

--
Perfection is just a word I use occasionally with mustard.
--Atom Powers--
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"