File tree Expand file tree Collapse file tree 1 file changed +25
-0
lines changed Expand file tree Collapse file tree 1 file changed +25
-0
lines changed Original file line number Diff line number Diff line change 1+ Here's a list of features that have been suggested or
2+ sometimes requested. This list is not a roadmap and
3+ shouldn't be construed to mean that any of this will happen.
4+
5+ - configurable behaviour depending on services (e.g.
6+ select() for ssl but fork() for ssh).
7+
8+ - have certain services available only from specified subnets
9+
10+ - some sort of "service knocking" allowing to activate a
11+ service upon some external even, similar to port knocking;
12+ for example, go to a specific URL to enable sslh forwarding
13+ to sshd for a set period of time:
14+ * sslh listens on 443 and only directs to httpd
15+ * user goes somewhere to https://example.org/open_ssh.cgi
16+ * open_ssh.cgi tells sslh
17+ * sslh starts checking if incoming connections are ssh, and
18+ if they are, forward to sshd
19+ * 10 minutes later, sslh stops forwarding to ssh
20+
21+ That would make it almost impossible for an observer
22+ (someone who'd telnet regularly on 443) to ever notice both
23+ services are available on 443.
24+
25+
You can’t perform that action at this time.
0 commit comments