https://issues.apache.org/bugzilla/show_bug.cgi?id=29744
--- Comment #80 from Viktor Štujber <[email protected]> 2009-03-04 05:23:15 PST ---

Apache's mod_proxy supports tunneling ssh over plaintext HTTP, as suggested on http://httpd.apache.org/docs/2.2/mod/mod_proxy_connect.html. But in this scenario, an eavesdropping adversary will see:

1. that you're trying to proxy a connection
2. the destination server's address
3. your proxy credentials (!!)
4. that you're tunneling ssh
5. the sshd's version string
6. the ssh handshake and subsequent encrypted data

To avoid being compromised, one could instead talk to the proxy using HTTP over SSL (a.k.a. HTTPS). That way, the adversary can only observe an SSL handshake with the proxy. Since the proxy also acts as a web-server, the adversary cannot directly discern between a normal legitimate https page request and an ssh tunnel negotiation.

So the only difference between the two is that we add an extra crypto layer. This layer would be transparent to the HTTP channel - no modification necessary. The only requirement is that the server properly maintains this layered model.

From comment #1 and others, it is shown that Apache actually does use this model, but only for client -> server traffic: the SSL layer is established and the HTTP CONNECT request parsed. But in the server -> client direction, the SSL layer is skipped and data written directly to socket.

So unless I made a mistake, I can only see this problem as a defect in mod_proxy's code logic - code that only works when there are no extra communication layers.
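The exposure listed in the comment above, as an added example that is not part of the original bug comment or of Apache's code: it reads a constructed plaintext CONNECT exchange the way a passive observer's capture would show it and reports items 1 to 5, then does the same for the opening bytes of a TLS session to the proxy. The host name, credentials and version strings are invented, and Basic proxy authentication is an assumption (the comment does not name the scheme).

```python
import base64
import re

# Constructed capture of ssh tunneled through a proxy over plaintext HTTP.
# Host, credentials and version strings are made up; Basic proxy
# authentication is an assumption, the bug comment does not name the scheme.
CLIENT_PLAIN = (
    b"CONNECT ssh.example.org:22 HTTP/1.1\r\n"
    b"Host: ssh.example.org:22\r\n"
    b"Proxy-Authorization: Basic " + base64.b64encode(b"alice:s3cret") +
    b"\r\n\r\nSSH-2.0-OpenSSH_5.1\r\n"
)
SERVER_PLAIN = (
    b"HTTP/1.0 200 Connection Established\r\n\r\n"
    b"SSH-2.0-OpenSSH_5.1p1 Debian-5\r\n"
)
# Constructed: start of a TLS handshake record (type 0x16), placeholder payload.
CLIENT_TLS = b"\x16\x03\x01\x00\x04" + b"\x00" * 4

def _split(stream):
    """Split one direction into HTTP header lines and the bytes that follow."""
    head, _, body = stream.partition(b"\r\n\r\n")
    return head.decode("latin-1").split("\r\n"), body

def exposed_fields(client, server):
    """Return what is readable in the clear from both directions."""
    c_lines, c_body = _split(client)
    _, s_body = _split(server)
    out = {"proxying": False, "destination": None, "proxy_credentials": None,
           "client_banner": None, "server_banner": None}
    m = re.match(r"CONNECT (\S+) HTTP/\d\.\d$", c_lines[0])
    if m:  # items 1 and 2: the request line names the tunnel target
        out["proxying"], out["destination"] = True, m.group(1)
    for line in c_lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "proxy-authorization":
            scheme, _, token = value.strip().partition(" ")
            if scheme.lower() == "basic":  # item 3: base64 is not encryption
                out["proxy_credentials"] = base64.b64decode(token).decode("latin-1")
    for key, body in (("client_banner", c_body), ("server_banner", s_body)):
        first = body.split(b"\r\n", 1)[0]
        if first.startswith(b"SSH-"):  # items 4 and 5: ssh identification string
            out[key] = first.decode("latin-1")
    return out

if __name__ == "__main__":
    print(exposed_fields(CLIENT_PLAIN, SERVER_PLAIN))
    print(exposed_fields(CLIENT_TLS, b""))
```
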
