For those that don’t know, sslh is a TCP port multiplexer. This basically means that you can serve both https and ssh traffic from the same port. It’s most useful for circumventing corporate firewalls that block TCP port 22 (i.e. ssh), but allow TCP port 443 (i.e. https) by serving both on TCP port 443.
In the default configuration, however, all connections that go through sslh look to ssh or apache as if they came from localhost. This isn’t ideal if you want to run something like denyhosts or fail2ban to block malicious ssh login attempts.
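The effect on log-based banning, shown as an added example that is not from the original post: the auth.log lines are constructed, the addresses and helper names are hypothetical, and the loopback ignore list is an assumption standing in for the banning tool's configuration.

```python
import ipaddress
import re
from collections import Counter

# Failure line in the shape of the constructed auth.log samples below.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\S+) port \d+")
# Assumption: the banning tool is configured to ignore loopback sources.
LOOPBACK = [ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("::1/128")]

def failures_by_source(lines):
    """Count failed ssh logins per logged source address."""
    counts = Counter()
    for line in lines:
        m = FAILED.search(line)
        if m:
            counts[m.group(1)] += 1
    return counts

def ban_candidates(lines, max_retry=3, ignore=LOOPBACK):
    """Sources with >= max_retry failures that are outside every ignored network."""
    banned = set()
    for src, n in failures_by_source(lines).items():
        addr = ipaddress.ip_address(src)
        if n >= max_retry and not any(addr in net for net in ignore):
            banned.add(src)
    return banned

def as_logged_behind_sslh(lines):
    """Model non-transparent sslh: sshd records 127.0.0.1 for every connection."""
    return [re.sub(r"from \S+ port", "from 127.0.0.1 port", l) for l in lines]

# Constructed sample: one client guessing passwords, one user with a single typo.
DIRECT = [
    "Mar  3 10:00:01 host sshd[1201]: Failed password for root from 203.0.113.7 port 40112 ssh2",
    "Mar  3 10:00:03 host sshd[1202]: Failed password for invalid user admin from 203.0.113.7 port 40113 ssh2",
    "Mar  3 10:00:05 host sshd[1203]: Failed password for root from 203.0.113.7 port 40114 ssh2",
    "Mar  3 10:00:07 host sshd[1204]: Failed password for invalid user test from 203.0.113.7 port 40115 ssh2",
    "Mar  3 10:02:40 host sshd[1210]: Failed password for alice from 198.51.100.20 port 51822 ssh2",
]

if __name__ == "__main__":
    proxied = as_logged_behind_sslh(DIRECT)
    print("direct:", ban_candidates(DIRECT))
    print("behind sslh, loopback ignored:", ban_candidates(proxied))
    print("behind sslh, loopback not ignored:", ban_candidates(proxied, ignore=[]))
```

With loopback ignored the guessing client is never banned; without it the only bannable address is 127.0.0.1, which covers every client reaching ssh through sslh.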
sslh does have an option to do “transparent” proxying so ssh and apache think that the connections have come from the right place. In this post, I’ll describe how I set this up on my machine.