multiplexing - Can nginx serve SSH and HTTP(S) at the same time on the same port? - Super User
vendredi 2 avril 2021 à 14:39echo '
stream {
map $ssl_preread_alpn_protocols $ssl_multiplexer {
"identifyssh" 127.0.0.1:822;
default 127.0.0.1:8443;
}
server {
listen 443;
ssl_preread on;
proxy_pass $ssl_multiplexer;
proxy_protocol on;
}
# ssl termination for ssh connections
server {
listen 822 ssl proxy_protocol;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
proxy_ssl off;
proxy_pass 127.0.0.1:22;
}
}
' >> /etc/nginx/nginx.conf
Pour les sites dans /etc/nginx/sites-available/
server {
listen 8443 ssl proxy_protocol; # à la place du 443. proxy_protocol est important
# conf habituelle
}
Pour se connecter:
ssh user@<SERVEUR_NGINX> -o "ProxyCommand openssl s_client -alpn identifyssh -ign_eof -connect <SERVEUR_NGINX>:443"