Skip to content
/ sslh Public
forked from yrutschle/sslh

Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)

License

Notifications You must be signed in to change notification settings

alecsg77/sslh

This branch is 1 commit ahead of, 212 commits behind yrutschle/sslh:master.

Folders and files

NameName
Last commit message
Last commit date

Latest commit

db22558 · Jun 9, 2022
Jun 9, 2022
Mar 30, 2022
Apr 10, 2022
Mar 18, 2022
Sep 16, 2013
Mar 30, 2014
Jun 7, 2022
Apr 9, 2022
May 25, 2022
Jan 21, 2022
Oct 6, 2013
May 8, 2021
May 8, 2021
Jan 2, 2020
Aug 24, 2021
Aug 24, 2021
Mar 19, 2022
Apr 24, 2022
Apr 10, 2022
Apr 30, 2022
Apr 30, 2022
Nov 7, 2021
Apr 24, 2021
Apr 10, 2022
May 31, 2022
May 5, 2022
May 5, 2022
Apr 5, 2019
Apr 10, 2022
Apr 10, 2022
Apr 28, 2022
Apr 28, 2022
May 5, 2022
May 5, 2022
May 22, 2022
May 22, 2022
Apr 30, 2022
Apr 30, 2022
May 5, 2022
May 5, 2022
Apr 30, 2022
May 22, 2022
Aug 6, 2021
Apr 30, 2022
May 5, 2022
Aug 28, 2021
May 5, 2022
May 3, 2022
May 5, 2022
May 5, 2022
May 5, 2022
May 22, 2022
Mar 18, 2022
Nov 29, 2018
May 22, 2022
May 22, 2022
Dec 6, 2020

Repository files navigation

sslh -- A ssl/ssh multiplexer

sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client.

Probes for HTTP, TLS/SSL (including SNI and ALPN), SSH, OpenVPN, tinc, XMPP, SOCKS5, are implemented, and any other protocol that can be tested using a regular expression, can be recognised. A typical use case is to allow serving several services on port 443 (e.g. to connect to SSH from inside a corporate firewall, which almost never block port 443) while still serving HTTPS on that port.

Hence sslh acts as a protocol demultiplexer, or a switchboard. With the SNI and ALPN probe, it makes a good front-end to a virtual host farm hosted behind a single IP address.

sslh has the bells and whistles expected from a mature daemon: privilege and capabilities dropping, inetd support, systemd support, transparent proxying, chroot, logging, IPv4 and IPv6, TCP and UDP, a fork-based and a select-based model, and more.

Install

Please refer to the install guide.

Configuration

Please refer to the configuration guide.

Docker image

How to use


Build docker image

make docker
docker run \
  --rm \
  -it \
  sslh:latest \
  --listen=0.0.0.0:443 \
  --ssh=hostname:22 \
  --tls=hostname:443

docker-compose example

version: "3"

services:
  sslh:
    image: sslh:latest
    hostname: sslh
    ports:
      - 443:443
    command: --listen=0.0.0.0:443 --tls=nginx:443 --openvpn=openvpn:1194
    depends_on:
      - nginx
      - openvpn

  nginx:
    image: nginx

  openvpn:
    image: openvpn

Comments? Questions?

You can subscribe to the sslh mailing list here: https://lists.rutschle.net/mailman/listinfo/sslh

This mailing list should be used for discussion, feature requests, and will be the preferred channel for announcements.

Of course, check the FAQ first!

About

Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • C 92.7%
  • Perl 5.2%
  • Other 2.1%