Objective: run many services on the same port with sslh
sslh is a superb utility which greatly increased my satisfaction with self-hosting XMPP, WWW, VPN, SSH and other services. Why? How? Let’s see!
Introduction
Sometimes it may be necessary to run different services that listen on the same port. This is often the case with VPN, XMPP, HTTP(S) and SSH.
sslh will enable us to do so in an easy and efficient way.
Installation
sslh is already packaged in the Debian, Gentoo and FreeBSD repositories, so all we have to do is use the appropriate package manager. On Debian it would be:
aptitude install sslh
The last step needs the most interaction: launching sslh. All options are neatly described by the --help switch:
sslh --help
sslh 1.16-2
usage:
sslh [-v] [-i] [-V] [-f] [-n] [-F <file>]
[-t <timeout>] [-P <pidfile>] -u <username> -p <add> [-p <addr> ...]
[--ssh <addr>]
[--openvpn <addr>]
[--tinc <addr>]
[--xmpp <addr>]
[--http <addr>]
[--ssl <addr>]
[--tls <addr>]
[--anyprot <addr>]
[--on-timeout <addr>]
-v: verbose
-V: version
-f: foreground
-n: numeric output
-F: use configuration file
--on-timeout: connect to specified address upon timeout (default: ssh address)
-t: seconds to wait before connecting to --on-timeout address.
-p: address and port to listen on.
Can be used several times to bind to several addresses.
--[ssh,ssl,...]: where to connect connections from corresponding protocol.
-F: specify a configuration file
-P: PID file.
-i: Run as a inetd service.
Or you may change the default configuration in a config file: /etc/default/sslh
I usually launch sslh with:
sslh --listen 0.0.0.0:80 --ssh 127.0.0.1:22 --http 127.0.0.1:8880 --xmpp 127.0.0.1:5222 --user sslh --pidfile /var/run/sslh.pid
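As an added illustration (not sslh's source and not code from the original post), this simplified Python model shows how a multiplexer can choose among the backends of the command above by peeking at a client's first packet, with a silent client falling back to SSH as the --on-timeout help text describes. The marker checks, the sample packets and the choice to send unrecognised data to the fallback are assumptions of this sketch.

```python
import socket

# Backends as in the launch command on this page.
BACKENDS = {"ssh": ("127.0.0.1", 22), "http": ("127.0.0.1", 8880),
            "xmpp": ("127.0.0.1", 5222)}
FALLBACK = "ssh"  # help text: --on-timeout defaults to the ssh address
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")

# Constructed first packets, one per client type (not captured traffic).
SAMPLES = {
    "ssh client": b"SSH-2.0-OpenSSH_9.6\r\n",
    "browser": b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n",
    "xmpp client": b"<stream:stream to='example.org' xmlns='jabber:client'>",
    "silent client": b"",  # sends nothing and waits for a server banner
}


def classify(first_bytes):
    """Return the protocol name for a client's first packet, or None."""
    if first_bytes.startswith(b"SSH-"):
        return "ssh"
    if first_bytes.startswith(HTTP_METHODS):
        return "http"
    if b"jabber" in first_bytes:  # XMPP stream header carries a jabber: namespace
        return "xmpp"
    return None


def route(conn, timeout=0.5):
    """Peek at the first packet on `conn`; return (protocol, backend address)."""
    conn.settimeout(timeout)
    try:
        data = conn.recv(1024, socket.MSG_PEEK)  # peek: bytes stay queued for the backend
    except socket.timeout:
        data = b""  # client stayed silent until the timeout
    # Assumption of this sketch: unrecognised data also goes to the fallback.
    proto = classify(data) or FALLBACK
    return proto, BACKENDS[proto]


def demo():
    """Route every constructed sample through a local socket pair."""
    results = {}
    for name, packet in SAMPLES.items():
        client, server = socket.socketpair()
        with client, server:
            client.sendall(packet)  # an empty packet sends nothing
            results[name] = route(server)
    return results
```

In a relay like this, each backend sees the connection arriving from the multiplexer's address rather than the client's, so IP-based logging and ban tools on the backends need to account for that.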
As you can see, we can now run many services on the same port with sslh, which was our objective from the beginning. Hope you like it!