BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] ssh tunnels

Subject: [Discuss] ssh tunnels
From: gaf at blu.org (Jerry Feldman)
Date: Fri, 22 Feb 2013 12:27:10 -0500
In-reply-to: <5127A82D.4020708@horne.net>
References: <51277385.9090209@gmail.com> <5127960D.6090302@horne.net> <20130222110417.000067b0.Richard.Pieri@gmail.com> <5127A82D.4020708@horne.net>

On 02/22/2013 12:17 PM, Bill Horne wrote:
> On 2/22/2013 11:04 AM, Rich Pieri wrote:
>> On Fri, 22 Feb 2013 11:00:13 -0500
>> Bill Horne<bill at horne.net>  wrote:
>>
>>> Speaking of ssh tunnels, can someone figure out how to tunnel through
>>> ssh to a virtual domain?
>> Clarify what you mean by "virtual domain".
>
> Many web servers, mine included, are set up so that they deliver
> different pages, based on which domain name is included in the http
> headers sent with the request.
>
> For example:
>
> 67.190.84.154 - - [17/Feb/2013:15:42:25 -0800] "GET / HTTP/1.1" 200
> 4816 "http://billhorne.com/"; "Mozilla/5.0 (Windows NT 6.1; WOW64;
> rv:18.0) Gecko/20100101 Firefox/18.0"
>
> Since the "200" line includes the domain name, Apache knows that it
> needs to deliver a "splash" page from the "billhorne.com" tree. If the
> request were for  the "william-warren.com" domain, Apache would
> deliver a "splash" page appropriate for a different domain. The point
> is that Apache needs to see the domain name in the "200" request, in
> order to know which page to deliver. That's why it's called a "virtual
> domain": it doesn't depend on the IP address per se.
>
> Of course, it's also possible to set up the server so that it delivers
> the same page no matter which domain name is included in the headers.
> There is usually a default "splash" page to handle requests that are
> for an invalid domain, or which were sent with only an IP address.
> Since ssh tunnels require that the browser access the tunneled site
> via a localhost port, Apache doesn't get the desired domain name in
> the header, and it delivers the default page instead of the one that
> the user wanted.
The ssh tunnel is not going to change the header. So if the client asks
for http://billhorne.com/, your server will provide the proper page. The
ssh tunnel simply encrypts the transport. But, in your case, are you
planning on tunneling port 80?

-- 
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90 
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66  C0AF 7CEA 30FC 3BC1 EB90

References:
- [Discuss] Secure VNC
  - From: gaf.linux at gmail.com (Jerry Feldman)
- [Discuss] Secure VNC
  - From: bill at horne.net (Bill Horne)
- [Discuss] ssh tunnels
  - From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] ssh tunnels
  - From: bill at horne.net (Bill Horne)

Prev by Date: [Discuss] ssh tunnels
Next by Date: [Discuss] Storage question follow-up
Previous by thread: [Discuss] ssh tunnels
Next by thread: [Discuss] ssh tunnels
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org