There is a funny little hack out there called [[sslh]], which lets one accept both https and ssh connection on the same, one port. It lets me connect from inside my corporate proxy, which allows outbound connections on port 443, using Putty, while still being able to serve Web pages over https.

There are two problems with sslh:

  • It’s in Perl. That means it’s pretty RAM hungry, and probably not very fast.
  • It doesn’t manage privilege dropping, which is rather questionnable.
The obvious solution to both problems was to re-implement it in C, because that’s what geeks do. I give you [[sslh.c]]. Use it wisely.

This also makes for a good example of network programming.

EDIT: sslh now has its own [[page]] on my site, and was accepted by [[Freshmeat]].