Topic awaiting preservation: https ssh (Page 1 of 1)

I have a problem, as ever, and I was wondering if you guys might have any input. Being a boarder (I sleep at school), the only access I have to the internet is via the school connection. Needless to say, they prevent programs of which I have need (putty and so forth). For IRC, the solution is relatively simple (cgi:irc). However, ssh is not so simple to overcome. Java won't work, but I was wondering if it would be possible to set up some sort of remote shell system via https. Of course, that is not ssh, but it's something approximating it. However, how to set about doing it is beyond me. Just using cgi, and passing things to /bin/sh isn't good enough (returned data? "su"? ;p) so I was wondering if it might be made to work with a detached screen somehow...

Anyway, sorry for that ramble, just wondering if you guys had any input!

Wrayal

(And yes, I can already hear the cries of "OH DEAR GOD WHY??")

wrayal,

I'm not sure what you're trying to do. For a couple of years I had a similar situation with my web site where I had no ssh access. I would write a perl script to do the things I needed, use ftp to load the script onto my site, run it by typing the exact URL to it into my browser's location bar, get the information I needed, and then delete the script. I made the cgi-bin directory so that it wasn't listable using http and used obscure names for the perl scripts so noone was likely to use the script by guessing. I deleted any script as soon as I was through getting the information I needed from it.

Maybe I was lucky, but I never had any problems with security doing this.

You could do the same thing with PHP or veen I suppose C, C++ or sh scripts.

.



-- not necessarily stoned... just beautiful.

You will need to point out exactly what you are being limitted by. Are your ports being blocked? is it something else?

If you have an offsite compute you can create some kind of tunnel through port 80, you just need to setup your ssh deamon on that port. You might also try a remote telnet client and then use that client to SSH into the box you are trying to access.

You need to list out exactly what your problem with access is before a good solution can be found.

Dan @ Code Town

Note for the port 80 bit, you will need the remote compute to listen on 80.

I am assuming that you are behind some kind of nat, so it will be really hard to figure out exactly what you can get to. A neet test would be to create a listener on a remote machine and have to it listen on all ports and then you try to connect to it, you have to have it setup to talk back to you, do a bit of back and forth. Basically you portscan the remote system to see where you can get out, and were it can come back to you.

You might need someone on the outside on the phone with you operating the remote system, if one of your mates goes home for a break that would be the perfect time to try the experiment.

Dan @ Code Town

social engineering maybe?

really, if you have a good reason to use ssh, talk to your teachers or sysadmins and ask them to allow it for you.

To be precise, my problem is that I need somehow to get ssh access to my computer, but not a single program seems to be able to get through whatever system we have running.
WarMage: you seem to be on the right path - some sort of NAT service. PArt of the problem is that I do NOT know exactly what can get through. After comparatively large amounts of testing, the only things I can find that can actually make a connection are IE and Outlook.
Social engineering would be good except that I know from past experience that it will get me absolutely nowhere. Hence...my conclusion has had to be to work out some way via the net.
I will continue to test other things, but I don't hold out much hope.

I mean, net2ftp is great (ftp is read only on our computers -> another system needed) but please trust me - I have spent many hours with friends testing one thing and another - and dhtml/cgi/php is literally the only solution we have been able to find

Wrayal

You can not get SSH out? or you can not get SSH in?

What is the IP address that your computer has internally? Is it a 196.*?

Dan @ Code Town

Well, I'm on a school computer atm. Literally cannot even work out what my IP is (and trust me, that's not idiocy - I know my way round a computer ;p). My ssh server is sitting at www.wrayal.org (albeit I think it's down atm) and I need to be able to connect to that. My idea was to run a service on that server that would give you ssh access to it (passworded, encrypted etc)

Ok, you should set your SSH on wrayal.org to also run on port 80, that way you can run your putty locally and connect on port 80. If you can post to the web and run web apps you should be able to run you ssh client over port 80 and connect fine.

Dan @ Code Town

Nope - thought of that as well. Ultimately, it simply cannot resolve "www.wrayal.org", and gets an address uunreachable error when I try using IP

so you're very likely behind a http proxy then.

http://www.nocrew.org/software/httptunnel/

Dan @ Code Town

well I am guessing that it is down right now too as I can't ping it at all. Just times out.
is this running on a server that you have or is it hosted somewhere?

Later,

C:\

yar it's down right now. argh!



.:[ Never resist a perfect moment ]:.

I host it myself. Normally, all is well, but for some reason recently my router has been nuggy, hence the downtime. Don't know what I'm going to do about that - it's latest firmware and everything :\ argh I hate computers!
HTTP tunnelling was one thing I did look at, though, unbeknownst to me, my tutor and IT teacher get on well -> I might in fact have a chance to get ssh allowed

Wrayal



(Edited by wrayal on 06-29-2005 09:39)