GlockTalk.com
Home Forums Classifieds Blogs Today's Posts Search Social Groups



  
SIGN-UP
Notices

Glock Talk
Welcome To The Glock Talk Forums.

 
  
Reply
 
Thread Tools Display Modes
Old 07-20-2004, 21:50   #1
frefoo
Registered User
 
frefoo's Avatar
 
Join Date: Apr 2004
Location: Northen VA
Posts: 543


move https (apache2) from port 443

All,

I have a linux box running at home that from time to time I would like to access from work.

The problem is that Work is blocking all ports; (I have not found any other ports) except 80 and 443; at their firewalls.

My ISP blocks port 80.

That being said it seams like the only port I would be able to connect to via ssh is port 443.

Currently from work (Internet) I need ssh.

At home I need (Intranet), I need ssh, http, and https.

Which begs the question, How do I move https to a different port besides 443? So I can connect to my linux box from work?

My linux box is behind a Linksys BEFSX41 firewall/router (latest firmware).

I am running Apache2 (httpd-2.0.49-1.1) and ssh (openssh-server-3.6.1p2-19) on FC1

Thanks

[begin edit]

I know how to edit iptables and sshd_config. I do not know how to move https to a different port looking at the httpd.conf.

[end edit]

Last edited by frefoo; 07-20-2004 at 21:57..
frefoo is offline   Reply With Quote
Old 07-20-2004, 22:38   #2
lomfs24
Senior Member
 
lomfs24's Avatar
 
Join Date: Apr 2003
Location: Kansas
Posts: 4,813
Send a message via AIM to lomfs24 Send a message via Yahoo to lomfs24
I don't really know the answer to this question. So I am going to throw out some other questions that might help you.

Let me get everything straight. At your work, they block all ports except port 80 and port 443? No other ports are open, like port 25 for mail, no telnet, ssh etc...? Your ISP, at home, blocks inbound traffic on port 80? It seems odd to me that they would block inbound traffic on port 80 and leave port 443 open. I would think that the reason for blocking port 80 would be to keep you from hosting your own site. For the same reason I would think that they would also shut down port 443. Have you tried to access your webserver via https on port 443 from outside, ie...from work? And does it work?

You would have to force the ssh connection to port 443. Right? Then you would have to have ssh listening on port 443 on your linux box at home. Can you use port 443 for ssh? And can it be used along with https as long as they are not trying to use it at the same time?

These are mostly questions for my own benifit but I hope would help you out in your predicament as well.
__________________
The simple believeth every word: but the prudent man looketh well to his going. ~Proverbs 14:15
lomfs24 is offline   Reply With Quote
Old 07-20-2004, 22:58   #3
frefoo
Registered User
 
frefoo's Avatar
 
Join Date: Apr 2004
Location: Northen VA
Posts: 543


"Let me get everything straight. At your work, they block all ports except port 80 and port 443? No other ports are open, like port 25 for mail, no telnet, ssh etc...? Your ISP, at home, blocks inbound traffic on port 80?"

Exactly Correct

"It seems odd to me that they would block inbound traffic on port 80 and leave port 443 open. I would think that the reason for blocking port 80 would be to keep you from hosting your own site. For the same reason I would think that they would also shut down port 443"

I would think the same thing (I would if it was me) however oversight or what ever 80 is filtered 443 is not by my ISP.

"Have you tried to access your webserver via https on port 443 from outside, ie...from work? And does it work?"

Yes port 443 is completely open (when I disable my firewall at this time).

"You would have to force the ssh connection to port 443. Right? Then you would have to have ssh listening on port 443 on your linux box at home."

Correct again

"Can you use port 443 for ssh?"

You can yes in the sshd_config file you can change the port SSHD listens on (default is 22 I want it on port 443).

"And can it be used along with https as long as they are not trying to use it at the same time?"

No it cant and that is the problem (why I need to move https to a different port). Only 1 service (Apache, SSH, DNS, Email, you get the idea) is allowed to listen on single port.

As a result I cant have Apache and SSH both on port 443.

I know how to change SSH to a different port, I do not know how to remove https (default port 443) to a different port.
frefoo is offline   Reply With Quote
Old 07-20-2004, 23:11   #4
lomfs24
Senior Member
 
lomfs24's Avatar
 
Join Date: Apr 2003
Location: Kansas
Posts: 4,813
Send a message via AIM to lomfs24 Send a message via Yahoo to lomfs24
I tried looking at my httpd.conf file but I am running Suse 9 and they split everything up into a bunch of different files. I could not find the file that changes the port of https from port 443 to port XXX. I also did a quick search on www.linuxquestions.org and found nothing that popped out at me. I still have that tab open and will search there some more. You may want to post a question there.
__________________
The simple believeth every word: but the prudent man looketh well to his going. ~Proverbs 14:15
lomfs24 is offline   Reply With Quote
Old 07-20-2004, 23:22   #5
frefoo
Registered User
 
frefoo's Avatar
 
Join Date: Apr 2004
Location: Northen VA
Posts: 543


Quote:
Originally posted by lomfs24
I tried looking at my httpd.conf file but I am running Suse 9 and they split everything up into a bunch of different files. I could not find the file that changes the port of https from port 443 to port XXX. I also did a quick search on www.linuxquestions.org and found nothing that popped out at me. I still have that tab open and will search there some more. You may want to post a question there.
Good idea, most of the searching I have done talks about changing mod_ssl (Apache1), it seams like Apache2 does not have a mod_ssl to edit.

Not knowing what version of SuSE 9 you are running, With 9.1 professionial they were using Apache2.
frefoo is offline   Reply With Quote
Old 07-20-2004, 23:27   #6
lomfs24
Senior Member
 
lomfs24's Avatar
 
Join Date: Apr 2003
Location: Kansas
Posts: 4,813
Send a message via AIM to lomfs24 Send a message via Yahoo to lomfs24
This is what it looks like to me. https is really ssl. Find the file that changes the port that ssl is on and you have solved your problem. Now, time to look into ssl and where the conf fils for it are.
__________________
The simple believeth every word: but the prudent man looketh well to his going. ~Proverbs 14:15
lomfs24 is offline   Reply With Quote
Old 07-21-2004, 08:30   #7
physicsdevil
Member
 
Join Date: Jan 2000
Location: California
Posts: 75
The pragma that affects the port is called 'Listen', and it can be in different places depending on how you set Apache up. Typically, it'll either be in httpd.conf or ssl.conf. https uses ssl to negotiate a secure (i.e. encrypted) socket.

Last edited by physicsdevil; 07-21-2004 at 08:32..
physicsdevil is offline   Reply With Quote
Old 07-22-2004, 07:43   #8
grantglock
/dev/null
 
grantglock's Avatar
 
Join Date: Feb 2004
Location: Iowa
Posts: 932
Send a message via Yahoo to grantglock
look for ssl.conf, mine is in the the same location as httpd.conf

this is the relevant part of the file

# When we also provide SSL we have to listen to the
# standard HTTP port (see above) and to the HTTPS port
#
# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
#
Listen 443
grantglock is offline   Reply With Quote
Old 07-30-2004, 07:11   #9
rotinom
Senior Member
 
Join Date: Jul 2002
Posts: 129
On redhat systems (don't know about your distro, sorry), they move the module conf files to /etc/httpd/conf.d/ and the main httpd.conf file is in /etc/httpd/conf/

as the previous poster said, look for a ssl.conf or something similar, change the "Listen 443" to "Listen XYZ" restart apache, and have a beer
rotinom is offline   Reply With Quote

 
  
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT -6. The time now is 12:40.




Homepage
FAQ
Forums
Calendar
Advertise
Gallery
GT Wiki
GT Blogs
Social Groups
Classifieds


Users Currently Online: 1,257
306 Members
951 Guests

Most users ever online: 2,244
Nov 11, 2013 at 16:42