Comments (2)
That's a great set of features indeed.
Not sure what you mean by that:
If the user enters the wrong secret path, they connect to the Ngnix web server (fallback).
Maybe one way to achieve all these features would just be to be integrable with existing web servers such as caddy, nginx, etc, and let them do that work.
from ssh3.
Not sure what you mean by that:
If the user enters the wrong secret path, they connect to the Ngnix web server (fallback).
Fallback refers to the following mechanism:
https://github.com/klzgrad/naiveproxy
The project's GitHub home page provides a sample implementation with a custom web page.
Below is an example of how to proxy someone else's website:
### /etc/caddy/Caddyfile
{
order forward_proxy before file_server
}
:443, SERV_DOMAIN {
tls ADMIN_EMAIL
forward_proxy {
basic_auth USR_NAME USR_PASS
hide_ip
hide_via
probe_resistance
}
reverse_proxy PROXY_SITE {
header_up Host {upstream_hostport}
}
}
I suggested using the Ngnix web server because of the lower resource consumption (my guess).
A more detailed description of the FallBack mechanism can be found at the following links:
https://xtls.github.io/en/document/level-1/fallbacks-with-sni.html
https://xtls.github.io/en/config/features/fallback.html#fallbacks-configuration
Similarly, the following mechanism is used in ocserv in camouflage mode:
https://ocserv.gitlab.io/www/manual.html#:~:text=%23%20The%20following%20options%20are%20related,example.com/%3Fmysecretkey%22.%0Acamouflage_secret%20%3D%20%22mysecretkey%22
from ssh3.
Related Issues (20)
- Certs by SPIRE
- Implement mTLS
- Remove unnecessary HTTP layer HOT 3
- Unable to install on Termux HOT 3
- Erratic behavior when SSH-ing with IPv6 hosts HOT 1
- [BeforeSuite] [FAILED] [8.752 seconds]
- Add support for passkeys HOT 2
- SSH version 3 exists already (known as SSH G3 since 2005) HOT 1
- proxy-jump error HOT 17
- SSH Agent forwarding does not work
- Not an IETF draft (yet) HOT 1
- Using a different QUIC implementation HOT 2
- Rename SSH3 => SSHH3 ? HOT 26
- BUG: Insufficient locking in cmd/ssh3-server HOT 1
- Access denied from the server: unauthorized HOT 3
- Debian packaging build failures HOT 1
- add support for PKCS11 HOT 2
- the connection was closed by the application: INTERNAL_ERROR ... sendmsg: invalid argument HOT 2
- Any concept/idea to share with NGINX/SSL port 443? HOT 7
- Too low OIDC information for debugging HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ssh3.