Question 1

How do I set up sslh to run SSH on port 443?

Accepted Answer

Configure sslh to listen on port 443 and forward SSH traffic to your SSH server's port using command-line options or config files, as shown in the Docker examples—e.g., '--listen=0.0.0.0:443 --ssh=hostname:22'.

Question 2

What's the difference between sslh and HAProxy for multiplexing?

Accepted Answer

sslh focuses on protocol detection at the packet level for services like SSH and HTTPS, ideal for firewall bypass, while HAProxy is more for application-layer load balancing and proxying, better suited for high availability and HTTP-specific routing.

Question 3

How to configure transparent proxying in sslh for client IP preservation?

Accepted Answer

Use the proxyprotocol setting if your backend server supports it for simpler setup, or follow the complex iptables method described in the documentation, which requires advanced network knowledge and environment-specific tuning.

Question 4

Does sslh support UDP protocols like OpenVPN?

Accepted Answer

Yes, sslh supports UDP for protocols such as OpenVPN and tinc, as mentioned in the features, but configuration may involve additional steps for proper forwarding and transparency.

Question 5

What are the performance implications of using sslh?

Accepted Answer

sslh adds overhead due to packet inspection and forwarding, which can impact latency and throughput; for larger installations, the libev-based concurrency model is recommended to mitigate performance issues.

Question 6

How to secure sslh against denial-of-service attacks?

Accepted Answer

Implement connection limits and follow the security guide, as the code review highlighted vulnerabilities that need mitigation through proper configuration, such as using the max_connections settings.

sslh

What is sslh?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions