umm, I got confused. Let tell you exactly about the use case. so on a site like this " https://sshocean.com/ssh-ssl " I create an account, and I get something like this:
where do I insert this payload (what client for windows or Ubuntu)? and how do I insert the desired SNI that I want to be in front of my ISP? I know of http injector with whom the trick works on android, I mean ssh/ssl stunnel.
That last bit, -servername is the SNI bit, if you need it. BUT I think that payload might be for port 2083. I think 443 might be just the OpenSSL connect directly.
umm, I got confused. Let tell you exactly about the use case. so on a site like this " https://sshocean.com/ssh-ssl " I create an account, and I get something like this:
where do I insert this payload (what client for windows or Ubuntu)? and how do I insert the desired SNI that I want to be in front of my ISP? I know of http injector with whom the trick works on android, I mean ssh/ssl stunnel.
In your .ssh/config you want something like:
Host my-ssh-ssl Hostname us01.ssh0.net User sshocean-p1r4t2br Password myparrot2 Port 443 ProxyCommand ~/.ssh/https-tunnel.sh %h %p
Then you have a ~/.ssh/https-tunnel.sh something like:
#!/usr/bin/env bash { printf “GET /HTTP/1.1\r\nHost:$1\r\nUpgrade:websocket\r\n”; cat } | openssl s_client -connect $1:$2 -servername $1
That last bit, -servername is the SNI bit, if you need it. BUT I think that payload might be for port 2083. I think 443 might be just the OpenSSL connect directly.
then I initiate this using stunnel from terminal ?(Ubuntu OS)
No, stunnel is go othere end. If you doing only the client end, you.don’t need it.