mirror of
https://github.com/moparisthebest/sslh
synced 2024-12-12 02:32:15 -05:00
initiated TODO list
parent
fb0760dd72
commit
3f386b6541
25
TODO
Normal file
@ -0,0 +1,25 @@
Here's a list of features that have been suggested or
sometimes requested. This list is not a roadmap and
shouldn't be construed to mean that any of this will happen.
- configurable behaviour depending on services (e.g.
select() for ssl but fork() for ssh).
- have certain services available only from specified subnets
- some sort of "service knocking" allowing to activate a
service upon some external even, similar to port knocking;
for example, go to a specific URL to enable sslh forwarding
to sshd for a set period of time:
* sslh listens on 443 and only directs to httpd
* user goes somewhere to https://example.org/open_ssh.cgi
* open_ssh.cgi tells sslh
* sslh starts checking if incoming connections are ssh, and
if they are, forward to sshd
* 10 minutes later, sslh stops forwarding to ssh
That would make it almost impossible for an observer
(someone who'd telnet regularly on 443) to ever notice both
services are available on 443.
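
Review bot: In the service-knocking item, the step "open_ssh.cgi tells sslh" leaves the control path unspecified: the entry does not say how the CGI reaches sslh or who is allowed to request it, and as written the 10-minute window turns on ssh forwarding for every incoming connection, not only for the client that visited the URL. An observer who probes 443 during that window would still see ssh, so the "almost impossible" claim holds only outside it. Suggest stating in the entry that the trigger must be authenticated and that forwarding be limited to the requesting source address, which ties in with the "specified subnets" item above. Also a typo in the same item: "external even" should read "external event".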