You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

160 lines
12 KiB

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>YBlog - ssh to Listen 443 on Snow Leopard</title>
<meta name="keywords" content="Apple, mac, ssh, security" />
<link rel="shortcut icon" type="image/x-icon" href="../../../../Scratch/img/favicon.ico" />
<link rel="stylesheet" type="text/css" href="/css/y.css" />
<link rel="stylesheet" type="text/css" href="/css/legacy.css" />
<link rel="alternate" type="application/rss+xml" title="RSS" href="/rss.xml" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="apple-touch-icon" href="../../../../Scratch/img/about/FlatAvatar@2x.png" />
<!--[if lt IE 9]>
<script src="http://ie7-js.googlecode.com/svn/version/2.1(beta4)/IE9.js"></script>
<![endif]-->
<!-- IndieAuth -->
<link href="https://twitter.com/yogsototh" rel="me">
<link href="https://github.com/yogsototh" rel="me">
<link href="mailto:yann.esposito@gmail.com" rel="me">
<link rel="pgpkey" href="../../../../pubkey.txt">
</head>
<body lang="en" class="article">
<div id="content">
<div id="header">
<div id="choix">
<span id="choixlang">
<a href="../../../../Scratch/fr/blog/08_Configure_ssh_to_listen_the_port_443_on_Snow_Leopard/">French</a>
</span>
<span class="tomenu"><a href="#navigation">↓ Menu ↓</a></span>
<span class="flush"></span>
</div>
</div>
<div id="titre">
<h1>ssh to Listen 443 on Snow Leopard</h1>
</div>
<div class="flush"></div>
<div id="afterheader" class="article">
<div class="corps">
<h1 id="surf-everywhere-as-if-you-were-at-home">Surf everywhere as if you were at home</h1>
<p>In order to bypass <em>evil</em> company firewall and to surf safely on unsafe <sc>wifi</sc>. I keep an ssh server listening on the port 443.</p>
<p>Then from my laptop or my local computer I just have to launch the marvelous</p>
<div>
<div class="sourceCode" id="cb1"><pre class="sourceCode zsh"><code class="sourceCode zsh"><a class="sourceLine" id="cb1-1" title="1"><span class="kw">ssh</span> -f -p 443 -ND 9050 username@host</a></code></pre></div>
</div>
<p>and a local <sc>socks</sc> proxy listening on port 9050 is launched. The <sc>socks</sc> proxy will transfer local requests via the ssh tunnel. Therefore I can surf locally as if I was on my own computer. I can put password and card number without fear the local <sc>wifi</sc> network to be <em>sniffed</em>. I simply need to configure my web browser to user the <sc>socks</sc> proxy on localhost and port 9050.</p>
<p>I get this information from <a href="http://dltj.org/article/ssh-as-socks-proxy/">this post</a>.</p>
<h1 id="ssh-and-snow-leopardc">Ssh and Snow Leopard(c)</h1>
<p>Here I don’t want to talk about how great <sc>socks</sc> proxy via ssh tunneling is but how to configure my local server.</p>
<p>I have Mac with Snow Leopard(c) at home and it is far from enough to modify the <code>/etc/sshd.config</code> file. The system use <code>launchd</code> to launch starting daemons.</p>
<p>I posted the question on <a href="http://discussions.apple.com">Apple Discussions</a> in this <a href="http://discussions.apple.com/thread.jspa?messageID=10141032">discussion thread</a>. Thanks to all guys who helped me. And the solution is:</p>
<p>Create the file <tt>/Library/LaunchDaemons/ssh-443.plist</tt> containing:</p>
<div>
<div class="sourceCode" id="cb2"><pre class="sourceCode xml"><code class="sourceCode xml"><a class="sourceLine" id="cb2-1" title="1"><span class="kw">&lt;?xml</span> version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;<span class="kw">?&gt;</span></a>
<a class="sourceLine" id="cb2-2" title="2"><span class="dt">&lt;!DOCTYPE </span>plist PUBLIC &quot;-//Apple Computer//DTD PLIST 1.0//EN&quot; &quot;http://www.apple.com/DTDs/PropertyList-1.0.dtd&quot;<span class="dt">&gt;</span></a>
<a class="sourceLine" id="cb2-3" title="3"><span class="kw">&lt;plist</span><span class="ot"> version=</span><span class="st">&quot;1.0&quot;</span><span class="kw">&gt;</span></a>
<a class="sourceLine" id="cb2-4" title="4"><span class="kw">&lt;dict&gt;</span></a>
<a class="sourceLine" id="cb2-5" title="5"> <span class="kw">&lt;key&gt;</span>Disabled<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-6" title="6"> <span class="kw">&lt;false/&gt;</span></a>
<a class="sourceLine" id="cb2-7" title="7"> <span class="kw">&lt;key&gt;</span>Label<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-8" title="8"> <span class="kw">&lt;string&gt;</span>local.sshd<span class="kw">&lt;/string&gt;</span></a>
<a class="sourceLine" id="cb2-9" title="9"> <span class="kw">&lt;key&gt;</span>Program<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-10" title="10"> <span class="kw">&lt;string&gt;</span>/usr/libexec/sshd-keygen-wrapper<span class="kw">&lt;/string&gt;</span></a>
<a class="sourceLine" id="cb2-11" title="11"> <span class="kw">&lt;key&gt;</span>ProgramArguments<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-12" title="12"> <span class="kw">&lt;array&gt;</span></a>
<a class="sourceLine" id="cb2-13" title="13"> <span class="kw">&lt;string&gt;</span>/usr/sbin/sshd<span class="kw">&lt;/string&gt;</span></a>
<a class="sourceLine" id="cb2-14" title="14"> <span class="kw">&lt;string&gt;</span>-i<span class="kw">&lt;/string&gt;</span></a>
<a class="sourceLine" id="cb2-15" title="15"> <span class="kw">&lt;/array&gt;</span></a>
<a class="sourceLine" id="cb2-16" title="16"> <span class="kw">&lt;key&gt;</span>Sockets<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-17" title="17"> <span class="kw">&lt;dict&gt;</span></a>
<a class="sourceLine" id="cb2-18" title="18"> <span class="kw">&lt;key&gt;</span>Listeners<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-19" title="19"> <span class="kw">&lt;dict&gt;</span></a>
<a class="sourceLine" id="cb2-20" title="20"> <span class="kw">&lt;key&gt;</span>SockServiceName<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-21" title="21"> <span class="kw">&lt;string&gt;</span>https<span class="kw">&lt;/string&gt;</span></a>
<a class="sourceLine" id="cb2-22" title="22"> <span class="kw">&lt;/dict&gt;</span></a>
<a class="sourceLine" id="cb2-23" title="23"> <span class="kw">&lt;/dict&gt;</span></a>
<a class="sourceLine" id="cb2-24" title="24"> <span class="kw">&lt;key&gt;</span>inetdCompatibility<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-25" title="25"> <span class="kw">&lt;dict&gt;</span></a>
<a class="sourceLine" id="cb2-26" title="26"> <span class="kw">&lt;key&gt;</span>Wait<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-27" title="27"> <span class="kw">&lt;false/&gt;</span></a>
<a class="sourceLine" id="cb2-28" title="28"> <span class="kw">&lt;/dict&gt;</span></a>
<a class="sourceLine" id="cb2-29" title="29"> <span class="kw">&lt;key&gt;</span>StandardErrorPath<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-30" title="30"> <span class="kw">&lt;string&gt;</span>/dev/null<span class="kw">&lt;/string&gt;</span></a>
<a class="sourceLine" id="cb2-31" title="31"> <span class="kw">&lt;key&gt;</span>SHAuthorizationRight<span class="kw">&lt;/key&gt;</span></a>
<a class="sourceLine" id="cb2-32" title="32"> <span class="kw">&lt;string&gt;</span>system.preferences<span class="kw">&lt;/string&gt;</span></a>
<a class="sourceLine" id="cb2-33" title="33"><span class="kw">&lt;/dict&gt;</span></a>
<a class="sourceLine" id="cb2-34" title="34"><span class="kw">&lt;/plist&gt;</span></a></code></pre></div>
</div>
<p>It is a copy of <code>/System/Library/LaunchDaemons/ssh.plist</code> with some modifications:</p>
<ul>
<li>the <code>SockServiceName</code> from <code>ssh</code> to <code>https</code>.</li>
<li>the <code>Label</code> from <code>com.openssh.sshd</code> to something not existing as <code>local.sshd</code></li>
</ul>
<p>Tell me if it was helpfull or if you have any question.</p>
</div>
<div id="afterarticle">
<div id="social">
<a href="/rss.xml" target="_blank" rel="noopener noreferrer nofollow" class="social">RSS</a>
·
<a href="https://twitter.com/home?status=http%3A%2F%2Fyannesposito.com/Scratch/en/blog/08_Configure_ssh_to_listen_the_port_443_on_Snow_Leopard/%20via%20@yogsototh" target="_blank" rel="noopener noreferrer nofollow" class="social">Tweet</a>
·
<a href="http://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Fyannesposito.com/Scratch/en/blog/08_Configure_ssh_to_listen_the_port_443_on_Snow_Leopard/" target="_blank" rel="noopener noreferrer nofollow" class="social">FB</a>
<br />
<a class="message" href="../../../../Scratch/en/blog/Social-link-the-right-way/">These social sharing links preserve your privacy</a>
</div>
<div id="navigation">
<a href="../../../../">Home</a>
<span class="sep">¦</span>
<a href="../../../../Scratch/en/blog">Blog</a>
<span class="sep">¦</span>
<a href="../../../../Scratch/en/softwares">Softwares</a>
<span class="sep">¦</span>
<a href="../../../../Scratch/en/about">About</a>
</div>
<div id="totop"><a href="#header">↑ Top ↑</a></div>
<div id="bottom">
<div>
Published on 2009-09-07
</div>
<div>
<a href="https://twitter.com/yogsototh">Follow @yogsototh</a>
</div>
<div>
<a rel="license" href="http://creativecommons.org/licenses/by/3.0/deed.en_US">Yann Esposito©</a>
</div>
<div>
Done with
<a href="http://www.vim.org" target="_blank" rel="noopener noreferrer nofollow"><strike>Vim</strike></a>
<a href="http://spacemacs.org" target="_blank" rel="noopener noreferrer nofollow">spacemacs</a>
<span class="pala">&amp;</span>
<a href="http://nanoc.ws" target="_blank" rel="noopener noreferrer nofollow"><strike>nanoc</strike></a>
<a href="http://jaspervdj.be/hakyll" target="_blank" rel="noopener noreferrer nofollow">Hakyll</a>
</div>
<hr />
<div style="max-width: 100%">
<a href="https://cardanohub.org">
<img src="../../../../Scratch/img/ada-logo.png" class="simple" style="height: 16px;
border-radius: 50%;
vertical-align:middle;
display:inline-block;" />
ADA:
</a>
<code style="display:inline-block;
word-wrap:break-word;
text-align: left;
vertical-align: top;
max-width: 85%;">
DdzFFzCqrhtAvdkmATx5Fm8NPJViDy85ZBw13p4XcNzVzvQg8e3vWLXq23JQWFxPEXK6Kvhaxxe7oJt4VMYHxpA2vtCFiP8fziohN6Yp
</code>
</div>
</div>
</div>
</div>
</div>
</body>
</html>