Multi Protocol With One Port On Linux

I have a VPS that is used for SSH tunneling and as a web server too. In this case I want to change the default SSH port from 22 to 443 without moving HTTPS off its default port (443), because my site and my blog run on HTTPS. Is this possible? Yes, of course. I will explain how to share one port between applications using sslh.

What is sslh?

sslh accepts connections in HTTP, HTTPS, SSH, OpenVPN, tinc, XMPP, or any other protocol that can be tested using a regular expression, on the same port. This makes it possible to connect to any of these servers on port 443 while still serving HTTPS on that port.
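The sketch below is an added example, not sslh's own code: it shows the idea of picking a backend from the first bytes a client sends, using the backend addresses from the configuration later on this page. The probe patterns, the function names and the "idle client goes to SSH" rule are assumptions of this sketch, and the sample inputs are constructed.

```python
import re

# Backends as configured later on this page (--ssh and --ssl targets).
BACKENDS = {"ssh": ("127.0.0.1", 2222), "tls": ("127.0.0.1", 442)}

# Ordered probes (illustrative patterns, not copied from sslh).
PROBES = [
    # SSH identification string, e.g. "SSH-2.0-..." or "SSH-1.99-..."
    ("ssh", re.compile(rb"^SSH-\d\.\d+-")),
    # TLS record header: type 0x16 (handshake), version major 0x03
    ("tls", re.compile(rb"^\x16\x03[\x00-\x03]")),
    # Plain HTTP request line
    ("http", re.compile(rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")),
]


def classify(first_bytes: bytes, timed_out: bool = False) -> str:
    """Name the protocol suggested by the first bytes of a connection."""
    if not first_bytes:
        # Assumption: a client that stays silent until the probe timeout is
        # treated as SSH, since some SSH clients wait for the server banner.
        return "ssh" if timed_out else "unknown"
    for name, pattern in PROBES:
        if pattern.match(first_bytes):
            return name
    return "unknown"


def route(first_bytes: bytes, timed_out: bool = False):
    """Return (protocol, backend); backend is None when nothing is configured."""
    proto = classify(first_bytes, timed_out)
    return proto, BACKENDS.get(proto)


# Constructed sample inputs: the first bytes three different clients would send.
SSH_SAMPLE = b"SSH-2.0-OpenSSH_8.9\r\n"
TLS_SAMPLE = bytes.fromhex("1603010200010001fc0303")  # start of a ClientHello
HTTP_SAMPLE = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"

if __name__ == "__main__":
    for label, data in [("ssh", SSH_SAMPLE), ("tls", TLS_SAMPLE),
                        ("http", HTTP_SAMPLE), ("junk", b"\x00\x01junk")]:
        print(label, "->", route(data))
    print("silent client ->", route(b"", timed_out=True))
```

With only the SSH and HTTPS targets configured, a plain HTTP request on port 443 is recognised but has no backend in this sketch, and unrecognised bytes are classified as unknown.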

1. Install sslh

On Debian based distros the command is:

sudo apt-get update  
sudo apt-get install sslh  

On RedHat based distros like CentOS or Fedora, sslh is not available in the official repo, so you may need to add the RPMForge repo like this:

rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.i686.rpm  

And then install:

sudo yum update  
sudo yum install sslh  

2. Configure sslh

After installing sslh you must configure it. In this case I just want to share HTTPS and SSH on the same port (443). Set the web server (Apache, nginx, etc.) and SSH ports like this:

- Web server HTTP on port  : 80
- Web server HTTPS on port : 442
- SSH on port : 2222

On Debian based distro:

Open /etc/default/sslh and set the configuration like this:

RUN=yes  
STARTTIME=2  
DAEMON=/usr/sbin/sslh  
DAEMON_OPTS="--user sslh --listen 0.0.0.0:443 --ssh 127.0.0.1:2222 --ssl 127.0.0.1:442 --pidfile /var/run/sslh/sslh.pid"  

Restart sslh:

sudo service sslh restart  

On RedHat based distro:

Open /etc/rc.d/init.d/sslh and find the following line:

OPTIONS="--user nobody --pidfile $PIDFILE -p  0.0.0.0:8443 --ssl 127.0.0.1:443 --ssh 127.0.0.1:22"  

Change the ports:

  • 8443 to 443
  • 443 to 442
  • 22 to 2222

as shown below:

OPTIONS="--user nobody --pidfile $PIDFILE -p  0.0.0.0:443 --ssl 127.0.0.1:442 --ssh 127.0.0.1:2222"  

Restart sslh:

sudo service sslh restart  

If you get an error message like No such file or directory [FAILED], this is because the sslh executable path may be defined incorrectly in the sslh config file. You can find the sslh executable path with this command:

which sslh  

Then open the sslh config file /etc/rc.d/init.d/sslh and correct the path.

[...]
SSLH="/usr/sbin/sslh"  
PIDFILE="/var/run/sslh"  
[...]

Save and exit. Now restart the daemon again:

sudo service sslh restart  

3. Test whether sslh is running

ps -ef | grep sslh  

Now try to connect to your server via SSH with port 443:

ssh root@localhost -p443  

See more information, configuration and documentation on GitHub.

That's all. So easy huh? Happy 'sharing' 🙂