Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You could identify it as ssh vs SSL because they have different unencrypted headers. So systems which check that you are speaking SSL on port 443 would block ssh.


Exactly - headers is how SSLH does its "routing".

Sorry about the S3/EC2 confusion, but in the end it's still a better idea to go with a smaller VPS resaler to avoid preexisting subnet blacklists.


Which headers do you believe are sent in the clear over https?


With HTTPS you get a handshake Client Hello packet sent in the clear, which has a TLS version identifier and a plaintext session ID among other things. With SSH2, you get a literal "SSH-2.0" as part of the protocol identifier which appears before the key exchange.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: