LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 01-26-2016, 04:14 AM   #1
penyuan
Member
 
Registered: Oct 2009
Distribution: Scientific Linux 6
Posts: 177

Rep: Reputation: 18
Question Using SSLH with existing Apache and OpenSSH setup?


Hello,

I have a running Apache 2.4 web server (listening on port 443) and OpenSSH server on my Manjaro Linux server.

I also just installed the protocol demultiplexer SSLH with configuration:
Code:
# Default Arch configuration
# You can find more examples in /usr/share/doc/sslh

verbose: false;
foreground: true;
inetd: false;
numeric: false;
transparent: false;
timeout: 2;
user: "sslh";
pidfile: "/run/sslh.pid";


listen:
(
    { host: "::0"; port: "443"; }
);

protocols:
(
     { name: "ssh"; service: "ssh"; host: "localhost"; port: "1022"; probe: "bu$
     { name: "openvpn"; host: "localhost"; port: "1194"; probe: "builtin"; },
     { name: "xmpp"; host: "localhost"; port: "5222"; probe: "builtin"; },
     { name: "http"; host: "localhost"; port: "443"; probe: "builtin"; },
     { name: "ssl"; host: "localhost"; port: "8443"; probe: "builtin"; },
     { name: "anyprot"; host: "localhost"; port: "8443"; probe: "builtin"; }
);
When I start the installed SSLH service, I get this error:
Quote:
sslh-select.service - SSL/SSH multiplexer
Loaded: loaded (/usr/lib/systemd/system/sslh-select.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2016-01-26 17:03:22 CST; 2s ago
Process: 28907 ExecStart=/usr/bin/sslh-select -F/etc/sslh.conf (code=exited, status=1/FAILURE)
Main PID: 28907 (code=exited, status=1/FAILURE)

Jan 26 17:03:22 [my hostname] sslh-select[28907]: config: /etc/sslh.conf
Jan 26 17:03:22 [my hostname] systemd[1]: Started SSL/SSH multiplexer.
Jan 26 17:03:22 [my hostname] sslh-select[28907]: [my domain]:https:listen: Address already in use
Jan 26 17:03:22 [my hostname] systemd[1]: sslh-select.service: Main process exited, code=exited, status=1/FAILURE
Jan 26 17:03:22 [my hostname] systemd[1]: sslh-select.service: Unit entered failed state.
Jan 26 17:03:22 [my hostname] systemd[1]: sslh-select.service: Failed with result 'exit-code'.
My best guess is that since my Apache server is already set to listen on port 443, SSLH can no longer listen on it? (would it be the same problem with SSH?)

I tried to tell Apache to listen on another port, say, 1234, and tell SSLH to listen on 443 then pass HTTP connections to localhost:1234. However, I *still* get the "address already in use" error.

I'd appreciate help from anyone who has integrated SSLH into an existing web server. Thank you.

Last edited by penyuan; 01-26-2016 at 04:35 AM. Reason: Added additional steps that tried.
 
Old 01-26-2016, 04:59 AM   #2
penyuan
Member
 
Registered: Oct 2009
Distribution: Scientific Linux 6
Posts: 177

Original Poster
Rep: Reputation: 18
Update:

I managed to get Apache to listen on another port, say, 1234 and start the SSLH service without the "address already in use error". I just had to find all instances of "listen" in Apache's configuration files and make sure they are all listening on 1234.

Now, I can SSH into my server via port 443. But when I try to get to my server's webpage via HTTPS on port 443, I get a "Secure Connection Failed" error from Firefox.

How do I resolve this? Thanks!!!
 
  


Reply

Tags
apache, ssh


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
sslh for centos aminbaik Linux - Networking 8 03-15-2012 04:51 PM
sslh packaging aminbaik Linux - General 1 03-15-2012 10:28 AM
Will Upgrading from SunSSH on Solaris to OpenSSH break existing trusts? RaelOM Linux - Security 1 08-17-2008 08:26 AM
openssl and openssh installation and setup on suse 10.2 suse91pro Linux - Software 3 07-02-2007 02:48 AM
Concepts/Security types/ Setup: OpenSSH/sshd/ssh/scp/sftp Caud Pong Linux - Security 5 09-23-2004 07:51 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 07:06 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration