Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 29 Nov 2006 10:56:16 -0800
From:      "Atom Powers" <>
To:        "Tom Judge" <>
Cc:        Ansar Mohammed <>,
Subject:   Re: ssh over http
Message-ID:  <>
In-Reply-To: <>
References:  <000001c712a9$495ccce0$> <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On 11/29/06, Tom Judge <> wrote:
> Atom Powers wrote:
> > On 11/27/06, Ansar Mohammed <> wrote:
> >> Hello All,
> >> Is there any ssh over http implementation available for freebsd?
> >
> > That doesn't even make sense. SSH is a transport layer protocol, HTTP
> > is an application layer protocol.
> >
> Both HTTP and SSH are application level transports,  however both can be
> used to tunnel TCP connections.  Therefore it is possible to use ssh
> over http.  The windows putty client can use http proxies to make
> outbound connections as long as your http proxy is configured to allow
> CONNECT requests to port 22.  If you using squid for example with a
> defaultish config you will need to update your proxy server configuration.

SSH is often paired with an application, a shell, but that doesn't
make it an application layer protocol. SSH establishes and manages a
transport layer connection between the client and server, over which
you can tunnel most other transport layer protocols.

This is very similar to the way SSL/HTTP are being used. SSL and TLS
are transport layer protocols that usually use the application layer
protocol HTTP. And like SSH, SSL/TLS can be used to tunnel other
transport layer protocols.

So what we are really talking about here is not "SSH over HTTP" but
"SSH through a HTTPS vpn/proxy", which doesn't use HTTP at all once
the session is established.

Nobody tunnels though HTTP, they use SSL/TLS.

Perfection is just a word I use occasionally with mustard.
--Atom Powers--

Want to link to this message? Use this URL: <>