2021-04-18 10:23:24 +00:00
<!DOCTYPE html>
< html lang = "en" >
< head >
< meta charset = "utf-8" >
< title > YBlog - ssh to Listen 443 on Snow Leopard< / title >
< meta name = "keywords" content = "Apple, mac, ssh, security" / >
< link rel = "shortcut icon" type = "image/x-icon" href = "../../../../Scratch/img/favicon.ico" / >
2021-05-25 20:25:47 +00:00
< link rel = "stylesheet" type = "text/css" href = "/css/y.css" / >
< link rel = "stylesheet" type = "text/css" href = "/css/legacy.css" / >
< link rel = "alternate" type = "application/rss+xml" title = "RSS" href = "/rss.xml" / >
2021-04-18 10:23:24 +00:00
< meta name = "viewport" content = "width=device-width, initial-scale=1.0" >
< link rel = "apple-touch-icon" href = "../../../../Scratch/img/about/FlatAvatar@2x.png" / >
<!-- [if lt IE 9]>
< script src = "http://ie7-js.googlecode.com/svn/version/2.1(beta4)/IE9.js" > < / script >
<![endif]-->
<!-- IndieAuth -->
< link href = "https://twitter.com/yogsototh" rel = "me" >
< link href = "https://github.com/yogsototh" rel = "me" >
< link href = "mailto:yann.esposito@gmail.com" rel = "me" >
< link rel = "pgpkey" href = "../../../../pubkey.txt" >
< / head >
< body lang = "en" class = "article" >
< div id = "content" >
< div id = "header" >
< div id = "choix" >
< span id = "choixlang" >
< a href = "../../../../Scratch/fr/blog/08_Configure_ssh_to_listen_the_port_443_on_Snow_Leopard/" > French< / a >
< / span >
< span class = "tomenu" > < a href = "#navigation" > ↓ Menu ↓< / a > < / span >
< span class = "flush" > < / span >
< / div >
< / div >
< div id = "titre" >
< h1 > ssh to Listen 443 on Snow Leopard< / h1 >
< / div >
< div class = "flush" > < / div >
< div id = "afterheader" class = "article" >
< div class = "corps" >
< h1 id = "surf-everywhere-as-if-you-were-at-home" > Surf everywhere as if you were at home< / h1 >
< p > In order to bypass < em > evil< / em > company firewall and to surf safely on unsafe < sc > wifi< / sc > . I keep an ssh server listening on the port 443.< / p >
< p > Then from my laptop or my local computer I just have to launch the marvelous< / p >
< div >
< div class = "sourceCode" id = "cb1" > < pre class = "sourceCode zsh" > < code class = "sourceCode zsh" > < a class = "sourceLine" id = "cb1-1" title = "1" > < span class = "kw" > ssh< / span > -f -p 443 -ND 9050 username@host< / a > < / code > < / pre > < / div >
< / div >
< p > and a local < sc > socks< / sc > proxy listening on port 9050 is launched. The < sc > socks< / sc > proxy will transfer local requests via the ssh tunnel. Therefore I can surf locally as if I was on my own computer. I can put password and card number without fear the local < sc > wifi< / sc > network to be < em > sniffed< / em > . I simply need to configure my web browser to user the < sc > socks< / sc > proxy on localhost and port 9050.< / p >
< p > I get this information from < a href = "http://dltj.org/article/ssh-as-socks-proxy/" > this post< / a > .< / p >
< h1 id = "ssh-and-snow-leopardc" > Ssh and Snow Leopard(c)< / h1 >
< p > Here I don’ t want to talk about how great < sc > socks< / sc > proxy via ssh tunneling is but how to configure my local server.< / p >
< p > I have Mac with Snow Leopard(c) at home and it is far from enough to modify the < code > /etc/sshd.config< / code > file. The system use < code > launchd< / code > to launch starting daemons.< / p >
< p > I posted the question on < a href = "http://discussions.apple.com" > Apple Discussions< / a > in this < a href = "http://discussions.apple.com/thread.jspa?messageID=10141032" > discussion thread< / a > . Thanks to all guys who helped me. And the solution is:< / p >
< p > Create the file < tt > /Library/LaunchDaemons/ssh-443.plist< / tt > containing:< / p >
< div >
< div class = "sourceCode" id = "cb2" > < pre class = "sourceCode xml" > < code class = "sourceCode xml" > < a class = "sourceLine" id = "cb2-1" title = "1" > < span class = "kw" > < ?xml< / span > version=" 1.0" encoding=" UTF-8" < span class = "kw" > ?> < / span > < / a >
< a class = "sourceLine" id = "cb2-2" title = "2" > < span class = "dt" > < !DOCTYPE < / span > plist PUBLIC " -//Apple Computer//DTD PLIST 1.0//EN" " http://www.apple.com/DTDs/PropertyList-1.0.dtd" < span class = "dt" > > < / span > < / a >
< a class = "sourceLine" id = "cb2-3" title = "3" > < span class = "kw" > < plist< / span > < span class = "ot" > version=< / span > < span class = "st" > " 1.0" < / span > < span class = "kw" > > < / span > < / a >
< a class = "sourceLine" id = "cb2-4" title = "4" > < span class = "kw" > < dict> < / span > < / a >
< a class = "sourceLine" id = "cb2-5" title = "5" > < span class = "kw" > < key> < / span > Disabled< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-6" title = "6" > < span class = "kw" > < false/> < / span > < / a >
< a class = "sourceLine" id = "cb2-7" title = "7" > < span class = "kw" > < key> < / span > Label< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-8" title = "8" > < span class = "kw" > < string> < / span > local.sshd< span class = "kw" > < /string> < / span > < / a >
< a class = "sourceLine" id = "cb2-9" title = "9" > < span class = "kw" > < key> < / span > Program< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-10" title = "10" > < span class = "kw" > < string> < / span > /usr/libexec/sshd-keygen-wrapper< span class = "kw" > < /string> < / span > < / a >
< a class = "sourceLine" id = "cb2-11" title = "11" > < span class = "kw" > < key> < / span > ProgramArguments< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-12" title = "12" > < span class = "kw" > < array> < / span > < / a >
< a class = "sourceLine" id = "cb2-13" title = "13" > < span class = "kw" > < string> < / span > /usr/sbin/sshd< span class = "kw" > < /string> < / span > < / a >
< a class = "sourceLine" id = "cb2-14" title = "14" > < span class = "kw" > < string> < / span > -i< span class = "kw" > < /string> < / span > < / a >
< a class = "sourceLine" id = "cb2-15" title = "15" > < span class = "kw" > < /array> < / span > < / a >
< a class = "sourceLine" id = "cb2-16" title = "16" > < span class = "kw" > < key> < / span > Sockets< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-17" title = "17" > < span class = "kw" > < dict> < / span > < / a >
< a class = "sourceLine" id = "cb2-18" title = "18" > < span class = "kw" > < key> < / span > Listeners< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-19" title = "19" > < span class = "kw" > < dict> < / span > < / a >
< a class = "sourceLine" id = "cb2-20" title = "20" > < span class = "kw" > < key> < / span > SockServiceName< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-21" title = "21" > < span class = "kw" > < string> < / span > https< span class = "kw" > < /string> < / span > < / a >
< a class = "sourceLine" id = "cb2-22" title = "22" > < span class = "kw" > < /dict> < / span > < / a >
< a class = "sourceLine" id = "cb2-23" title = "23" > < span class = "kw" > < /dict> < / span > < / a >
< a class = "sourceLine" id = "cb2-24" title = "24" > < span class = "kw" > < key> < / span > inetdCompatibility< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-25" title = "25" > < span class = "kw" > < dict> < / span > < / a >
< a class = "sourceLine" id = "cb2-26" title = "26" > < span class = "kw" > < key> < / span > Wait< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-27" title = "27" > < span class = "kw" > < false/> < / span > < / a >
< a class = "sourceLine" id = "cb2-28" title = "28" > < span class = "kw" > < /dict> < / span > < / a >
< a class = "sourceLine" id = "cb2-29" title = "29" > < span class = "kw" > < key> < / span > StandardErrorPath< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-30" title = "30" > < span class = "kw" > < string> < / span > /dev/null< span class = "kw" > < /string> < / span > < / a >
< a class = "sourceLine" id = "cb2-31" title = "31" > < span class = "kw" > < key> < / span > SHAuthorizationRight< span class = "kw" > < /key> < / span > < / a >
< a class = "sourceLine" id = "cb2-32" title = "32" > < span class = "kw" > < string> < / span > system.preferences< span class = "kw" > < /string> < / span > < / a >
< a class = "sourceLine" id = "cb2-33" title = "33" > < span class = "kw" > < /dict> < / span > < / a >
< a class = "sourceLine" id = "cb2-34" title = "34" > < span class = "kw" > < /plist> < / span > < / a > < / code > < / pre > < / div >
< / div >
< p > It is a copy of < code > /System/Library/LaunchDaemons/ssh.plist< / code > with some modifications:< / p >
< ul >
< li > the < code > SockServiceName< / code > from < code > ssh< / code > to < code > https< / code > .< / li >
< li > the < code > Label< / code > from < code > com.openssh.sshd< / code > to something not existing as < code > local.sshd< / code > < / li >
< / ul >
< p > Tell me if it was helpfull or if you have any question.< / p >
< / div >
< div id = "afterarticle" >
< div id = "social" >
2021-05-25 20:25:47 +00:00
< a href = "/rss.xml" target = "_blank" rel = "noopener noreferrer nofollow" class = "social" > RSS< / a >
2021-04-18 10:23:24 +00:00
·
< a href = "https://twitter.com/home?status=http%3A%2F%2Fyannesposito.com/Scratch/en/blog/08_Configure_ssh_to_listen_the_port_443_on_Snow_Leopard/%20via%20@yogsototh" target = "_blank" rel = "noopener noreferrer nofollow" class = "social" > Tweet< / a >
·
< a href = "http://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Fyannesposito.com/Scratch/en/blog/08_Configure_ssh_to_listen_the_port_443_on_Snow_Leopard/" target = "_blank" rel = "noopener noreferrer nofollow" class = "social" > FB< / a >
< br / >
< a class = "message" href = "../../../../Scratch/en/blog/Social-link-the-right-way/" > These social sharing links preserve your privacy< / a >
< / div >
< div id = "navigation" >
< a href = "../../../../" > Home< / a >
< span class = "sep" > ¦< / span >
< a href = "../../../../Scratch/en/blog" > Blog< / a >
< span class = "sep" > ¦< / span >
< a href = "../../../../Scratch/en/softwares" > Softwares< / a >
< span class = "sep" > ¦< / span >
< a href = "../../../../Scratch/en/about" > About< / a >
< / div >
< div id = "totop" > < a href = "#header" > ↑ Top ↑< / a > < / div >
< div id = "bottom" >
< div >
Published on 2009-09-07
< / div >
< div >
< a href = "https://twitter.com/yogsototh" > Follow @yogsototh< / a >
< / div >
< div >
< a rel = "license" href = "http://creativecommons.org/licenses/by/3.0/deed.en_US" > Yann Esposito©< / a >
< / div >
< div >
Done with
< a href = "http://www.vim.org" target = "_blank" rel = "noopener noreferrer nofollow" > < strike > Vim< / strike > < / a >
< a href = "http://spacemacs.org" target = "_blank" rel = "noopener noreferrer nofollow" > spacemacs< / a >
< span class = "pala" > & < / span >
< a href = "http://nanoc.ws" target = "_blank" rel = "noopener noreferrer nofollow" > < strike > nanoc< / strike > < / a >
< a href = "http://jaspervdj.be/hakyll" target = "_blank" rel = "noopener noreferrer nofollow" > Hakyll< / a >
< / div >
< hr / >
< div style = "max-width: 100%" >
< a href = "https://cardanohub.org" >
< img src = "../../../../Scratch/img/ada-logo.png" class = "simple" style = "height: 16px ;
border-radius: 50%;
vertical-align:middle;
display:inline-block;" />
ADA:
< / a >
< code style = "display:inline-block;
word-wrap:break-word;
text-align: left;
vertical-align: top;
max-width: 85%;">
DdzFFzCqrhtAvdkmATx5Fm8NPJViDy85ZBw13p4XcNzVzvQg8e3vWLXq23JQWFxPEXK6Kvhaxxe7oJt4VMYHxpA2vtCFiP8fziohN6Yp
< / code >
< / div >
< / div >
< / div >
< / div >
< / div >
< / body >
< / html >