Has anyone encountered a way to run sslh on a Kubernetes cluster, preferably integrated with IngressController functionality (eg, nginx ingress controller)? The ability to SSH via port 80 is very interesting, but I have not been able how to integrate it with Ingress-based setups in k8s. Thx
Asked
Active
Viewed 130 times
1 Answers
0
The way I could see doing it is to package sslh in a container and deploy it and nginx together in a pod. Then change port configuration so that sslh receives all traffic that nginx would receive, and then sslh can pass along traffic to nginx on localhost, as it wants to.
Logistically, it doesn't look possible to specify a specific host to ssh into.
One would have to allow sslh to talk to sshd on the node.
So, this looks like an operational and security nightmare. :) Talk about principle of greatest surprise.
Jonah Benton
- 1,242
- 7
- 13
-
Hum... I agree it would be surprising, not necessarily in a good way... A better way might be to create a nginx-ingress-controller image based on the "official" one and launch sslh there, before passing it to the controller. Or have it in the same pod as nginx-ingress-controller... But it's late, so I might have a different view tomorrow :D Thx – JoaoCC Mar 06 '18 at 00:51