/nassh-relay

Relay for Native Client SSH, see http://goo.gl/HMsm8p

Primary LanguageJavaScriptGNU Affero General Public License v3.0AGPL-3.0

Docker Pulls

nassh-relay

Relay for Native Client SSH, see http://goo.gl/HMsm8p

!!! Locally installed tor required for non Docker version.

Typical use case is when you want to firewall your sshd port. Also the relay supports roaming clients better than a direct TCP connection, as the TCP stack cuts the connection if the client IP changes. This relay on the other hand supports reconnecing from all HTTP client as long as the client can present it with the correct session ID[*].

Invoke: $ node nassh-relay.js [external-redirect]

At relay selection, the server echos back the HTTP Host header as the relay. If that host is not directly reachable by its clients, you need to specify an external-redirect.

[*] The session is still protected by SSH, so guessing the session ID is a denial of service attack and allows sniffing the encrypted sshd response bytestream.

Demos:

Deploy to heroku:

Deploy

Live:

Try it by yourself:

--proxy-host=nassh-relay.herokuapp.com --use-ssl --proxy-port=443

Play with Docker

  1. Click link below

PlayWithDocker

  1. login to docker and wait for swarm creating
  2. after sucessful swarm creating need to wait about 2 minutes for torproxy container set up
  3. in the top of Play with Docker site opened by step 2 find link 8022 and copy it
  4. paste link to nassh proxy host and remove http and slashes (like in example below) client options (fill in your temp docker url from pwd)
--proxy-host=pwd10-XXX-XXX-XXX-8022.host1.labs.play-with-docker.com --proxy-port=8022
  1. connect to your .onion or usual .com host or ip.
  2. # curl ipinfo.io and look at your ip address =)