Reversing SSH HTTP tunnel
Christian Albrecht
christian.albrecht at easynet.com
Wed Jun 8 17:39:33 CEST 2011

On 06/08/2011 03:01 PM, Samuel ROZE wrote:
> Hello,
>
> I'm using Varnish as a front reverse-proxy, and it works very well. I
> would like to add a new functionality: an SSH HTTP tunnel, using
> "httptunnel". That's what I made:
>
> # hts --forward-port localhost:22 2280
>
> And, in the varnish configuration:
>
> ----------------------------------------------------------
> [...]
> backend hts {
>     .host = "127.0.0.1";
>     .port = "2280";
>     .first_byte_timeout = 600s;
> }
>
> [...]
> sub vcl_recv {
>     if (req.http.host ~ "tunnel.example.com") {
>         set req.backend = hts;
>     }
>     [...]
>     } else {
>         set req.backend = nginx;
>     }
> }
> ----------------------------------------------------------
>
> So I just want Varnish to redirect HTTP requests to
> "tunnel.example.com" to the HTS backend, but it doesn't work when I
> run the httptunnel client and I make the SSH connection:
>
> $ htc --forward-port 8001 tunnel.example.com:80
> $ ssh root@localhost -p 8001
> ssh_exchange_identification: Connection closed by remote host

It looks like a tcpwrapper (/etc/hosts.allow, /etc/hosts.deny) issue.
Have you enabled localhost to use sshd?
Try adding a line like this to /etc/hosts.allow:

sshd: 127.0.0.1: allow

Brgds,
Christian
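
Added example (not part of the original message and not code from any project named in it): a simplified evaluator for the TCP wrappers lookup order, showing why sshd would drop a tunnelled connection and what the suggested line changes. It assumes `hts` reaches sshd from 127.0.0.1; the file contents, addresses and the function name `tcpwrappers_verdict` are constructed for illustration.

```python
import ipaddress

# Constructed sample files (not from the thread): sshd limited to one admin IP.
DENY = "ALL: ALL\n"
ALLOW_BEFORE = "# admin workstation\nsshd: 203.0.113.10\n"
ALLOW_AFTER = ALLOW_BEFORE + "sshd: 127.0.0.1: allow\n"

def _rules(text):
    """Yield (daemons, clients, verdict) per rule; IPv4 only, no EXCEPT or wildcards other than ALL."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2:
            continue
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        verdict = next((f for f in fields[2:] if f in ("allow", "deny")), None)
        yield daemons, clients, verdict

def _client_matches(pattern, ip):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):          # prefix form, e.g. "192.168."
        return ip.startswith(pattern)
    if "/" in pattern:                 # net/mask form, e.g. "10.0.0.0/255.0.0.0"
        return ipaddress.ip_address(ip) in ipaddress.ip_network(pattern, strict=False)
    return pattern == ip

def tcpwrappers_verdict(allow_text, deny_text, daemon="sshd", ip="127.0.0.1"):
    """hosts.allow is searched first, then hosts.deny; the first matching rule
    decides, and a client that matches no rule in either file is allowed."""
    for default, text in (("allow", allow_text), ("deny", deny_text)):
        for daemons, clients, verdict in _rules(text):
            if (daemon in daemons or "ALL" in daemons) and \
                    any(_client_matches(c, ip) for c in clients):
                return verdict or default
    return "allow"

if __name__ == "__main__":
    for name, allow in (("before", ALLOW_BEFORE), ("after", ALLOW_AFTER)):
        print(name, "127.0.0.1 ->", tcpwrappers_verdict(allow, DENY))
```

With the added line, every connection that arrives through the tunnel appears to sshd as 127.0.0.1, so the per-address restriction in hosts.allow no longer distinguishes tunnel users and sshd authentication is the only control left on that path.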