1
0
mirror of https://github.com/moparisthebest/sslh synced 2024-12-12 02:32:15 -05:00
sslh/TODO

26 lines
978 B
Plaintext
Raw Normal View History

2013-10-06 06:09:52 -04:00
Here's a list of features that have been suggested or
sometimes requested. This list is not a roadmap and
shouldn't be construed to mean that any of this will happen.
- configurable behaviour depending on services (e.g.
select() for ssl but fork() for ssh).
- have certain services available only from specified subnets
- some sort of "service knocking" allowing to activate a
service upon some external even, similar to port knocking;
for example, go to a specific URL to enable sslh forwarding
to sshd for a set period of time:
* sslh listens on 443 and only directs to httpd
* user goes somewhere to https://example.org/open_ssh.cgi
* open_ssh.cgi tells sslh
* sslh starts checking if incoming connections are ssh, and
if they are, forward to sshd
* 10 minutes later, sslh stops forwarding to ssh
That would make it almost impossible for an observer
(someone who'd telnet regularly on 443) to ever notice both
services are available on 443.