Let one port do two things at the same time: Http/https and SSH

Believe that a lot of people are yy: can you let the 80 port Analysis connection Protocol, if the HTTP protocol let the server to the HTTP service program (such as Apache, Nginx, etc.) processing, if the SSH protocol is given to the SSH service program (such as OpenSSH Server) processing it?

The answer is clearly there.

First, configure the HTTP service to listen on port 8080 or allow the HTTPS service to listen on port 8443 and configure the SSH service to listen on Port 22. Specifically no longer repeat, if this does not understand the need not to look down, because it will certainly be uncertain.

Then, install a powerful tool called Haproxy. The steps are as follows.

Download Source code:

wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.16.tar.gz

To view the current kernel version:

Uname-r

Then go to directory to compile the installation:

CD haproxy-1.4.16

Make Target=linux26 Prefix=/usr/local/blog.creke.net/haproxy

Make install Prefix=/usr/local/blog.creke.net/haproxy

Where the "TARGET" parameter of the second line is the same as the kernel version. The "PREFIX" in line second to third is the installation location.

Finally, configure Haproxy.

If you are listening on port 80, the HTTP protocol is detected to be forwarded to port 8080 for HTTP, otherwise it will be forwarded to port 22 using SSH. The configuration is as follows:

#By http://blog.creke.net/

Global
Maxconn 5120
Chroot/usr/local/blog.creke.net/haproxy
Daemon
Quiet
Nbproc 2
Pidfile/usr/local/blog.creke.net/haproxy/haproxy.pid

Defaults
Timeout Connect 5s
Timeout client 50s
Timeout Server 20s

Listen HTTP
Bind:80
Timeout client 1h
Tcp-request inspect-delay 2s
ACL is_http req_proto_http
Tcp-request Content Accept if is_http
Server server-http:8080
Use_backend SSH if!is_http

Backend SSH
Mode TCP
Timeout Server 1h
Server server-ssh:22

If there is a listening 443 port, the HTTPS protocol is detected and forwarded to port 8443 using HTTPS, otherwise forwarded to port 22 using SSH. The configuration is as follows:

Global
Maxconn 5120
Chroot/usr/local/blog.creke.net/haproxy
Daemon
Quiet
Nbproc 2
Pidfile/usr/local/blog.creke.net/haproxy/haproxy.pid

Defaults
Timeout Connect 5s
Timeout client 50s
Timeout Server 20s

Listen HTTPS
bind:443
Timeout client 1h
Tcp-request inspect-delay 2s
ACL Is_ssl req_ssl_ver 2:3.1
Tcp-request Content Accept if Is_ssl
Server server-https:8443
Use_backend SSH if!is_ssl

Backend SSH
Mode TCP
Timeout Server 1h
Server server-ssh:22

Save the content as "/usr/local/blog.creke.net/haproxy/etc/haproxy.conf" and execute the command:

/usr/local/blog.creke.net/haproxy/sbin/haproxy-f/usr/local/blog.creke.net/haproxy/etc/haproxy.conf

can be run.

Well, we should be able to extrapolate, at least can also be a gourd painting.

Reference article:

Https://dgl.cx/2010/01/haproxy-ssh-and-ssl-on-same-port

Http://haproxy.1wt.eu/download/1.4/doc/configuration.txt

This setting discovers an issue that HTTP/HTTPS server cannot obtain to the client's IP.

Http://blog.creke.net/758.html/comment-page-1

Let one port do two things at the same time: Http/https and SSH