SSHL/SSLH -Yet another VPN app that can tunnel SSH over SSL, or tunnel HTTP over SSH. This app lets you send customized HTTP Request Message to the server.
"Tunnel SSH over SSL lets you send customized SNI (Server Name Indication) and even send customized HTTP Request Message to the server."
Note on SSH Hosts: When using SSH over SSL, use IP address instead of a hostname, because resolving host needs legitimate connection.
Connected but cannot browse?
You can try to remove DNS from route by un-toggling include_dns or un-toggle vpn_dns.
DNS Leaking?
Un-toggling include_dns will prevent DNS leaks.
Routing
[Address]SLASH[Length]SPACE[Address]SLASH[Length]
Where;
SLASH = "/" is a delimiter of [Address] = IP Address
[Length] = Prefix Length
SPACE = " " is a delimiter of routes.
e.g. 1.1.1.1/32 8.8.8.8/32
HTTP Message Generator Syntax
[request_line] = CONNECT[sp][request_uri][sp]HTTP/1.0[crlf][crlf]
[request_uri] = [userfinfo]@[authority]
[userfinfo] = [http_username][c][http_password]
[authority] = [host][c][port]
[http_username] = http proxy username
[http_password] = http proxy password
[host] = ssh remote host
[port] = ssh remote port
[crlf] = Carriage Return (US-ASCII 13,
) Line Feed (US-ASCII 10,
[lf] = Line Feed (US-ASCII 10,
[cr] = Carriage Return (US-ASCII 13,
[ff] = Form Feed (FF) character (0x0C, )
[sp] = US-ASCII SP, space character (32)
[c] = Colon (US-ASCII 58, :)
[eol] = (End of Line) Carriage Return (US-ASCII 13,
) Line Feed (US-ASCII 10,
"Tunnel HTTP over SSH will generate Proxy-Authorization Request Header in the Request Line on the fly."
The Generator Button
This button will assist you in creating customized HTTP Request Message to the server, examples are given by tapping the dropdown arrows in the text fields.
Export/Import
Export:
SSHL/SSLH Tunnel is using SAF (Storage Access Framework) for simplicity. The file extension should be a ".sslh". When overwriting an existing config file, you must point the cursor to that file name.
Export Options:
- show (toggle to allow recipients to show all crucial information from config file)
- show_sni (toggle to allow recipients to show SNI from config file)
- show_message (toggle to allow recipients to show http message from config file)
- notes (deliver notes/messages to recipient "html tags is supported")
- root (toggle to allow root device to use the config) hence, app will reject the config.
- id (insert allowed hardware ID/s to use your config file)
Import:
- via inbuilt SAF (tap the options menu then select Import, browse/select the *.sslh file)
- via external File Manager (tap the *.sslh file directly)
- via Web (when downloaded from file sharing sites)
Note on Import: when prompted to "Open with" select Files and set as Always.
SSHL/SSLH Tunnel is powered by:
1. Connect Bot's sshlib
2. badvpn - tun2socks
All rights reserved.
