A customer stuck due to a hurricane who needed SSH

  • I miss good and responsive support. I mostly deal with Google GCP and it's soul draining. They always take close to 24 hours to reply to any of your comments; even if you immediately reply, you won't hear from them until the next day. They cherry-pick one line to answer and their replies often contradict the rest of the facts presented in the issue report. They shield product engineers from you, acting as intermediary, so now there are two 24-hour hops each way. When the product engineer also gives a nonsense answer, support doesn't enter into discussion with them on your behalf to get something reasonable; no, they just pass it along.

    For the price they charge for support I'd expect more quality.

  • fwiw, in the “Port” directive in sshd_config you can just add another port number declaration and SSHd will listen on both ports.

         Port 22
         Port 80

    Much cleaner than iptables magic; though I have done similar iptables redirects before, it is almost always a bad idea. :)

  • Why would a hurricane need SSH?

  • People who run Wi-Fi hotspots that firewall port 22 should be tied to rocks and tossed in a river.

  • Not being too familiar with `iptables` myself, I'd love to see the magic invocation they used. Anyone have any idea what that would have looked like?

  • I expose sshd on :443 for use in airports and hotels and other places with awful firewalls.

    Worked great until the hotel where such connections also had a maximum duration!

  • socat is better for this. It plumbs any connection to any connection.

    Listen on port 8080 and route to some local 22?

    socat TCP-LISTEN:8080,fork,reuseaddr TCP:[somelocalip]:22

    This lets you be very explicit in watching this run and killing when done.

    Socat also lets you route networks through old serial ports, log all data going over a connection to a file, and even join completely different protocols.

    Fun past projects based on socat: a serial port -> socat to TCP out -> socat on another computer to listen -> a serial port out. Basically this created a serial port that worked over a satellite for a customer doing some remote monitoring, so they could set an alarm if something failed (a lot of equipment only has serial connectivity for status).
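To confirm that an alternate port (`Port 80` in sshd_config as above, or a socat forward like the one in this comment) really ends up at sshd, here is an added Python example, not code from the thread or any poster: it reads the RFC 4253 identification string every SSH server sends first, so a port that answers with HTTP, a captive portal, or nothing at all is reported as not-SSH. Host and port are assumed command-line arguments.

```python
"""Read the RFC 4253 identification string from an SSH listener.
Added example (not from the thread); host/port are assumed arguments."""
import re
import socket
from typing import Optional

# RFC 4253 4.2: SSH-protoversion-softwareversion [SP comments] CR LF
_IDENT_RE = re.compile(
    rb"^SSH-(?P<proto>[^-\r\n]+)-(?P<soft>[^ \r\n]+)(?: (?P<comment>[^\r\n]*))?$")

def parse_ssh_identification(data: bytes) -> Optional[dict]:
    """Parse the first 'SSH-' line in data; None if there is no valid one.
    Lines before it (the RFC allows them) are skipped, so an HTTP error page
    or a captive-portal redirect on the port yields None."""
    for line in data.split(b"\n"):
        line = line.rstrip(b"\r")
        if not line.startswith(b"SSH-"):
            continue  # pre-banner chatter, permitted by the RFC
        m = _IDENT_RE.match(line)
        if m is None or len(line) + 2 > 255:  # +2: the CRLF counts toward 255
            return None
        comment = (m["comment"] or b"").decode("ascii", "replace")
        return {"proto": m["proto"].decode("ascii", "replace"),
                "software": m["soft"].decode("ascii", "replace"),
                "comment": comment or None}
    return None

def _has_complete_ident_line(buf: bytes) -> bool:
    # Only lines already terminated by "\n" count as complete.
    return any(l.startswith(b"SSH-") for l in buf.split(b"\n")[:-1])

def probe_ssh(host: str, port: int, timeout: float = 5.0) -> Optional[dict]:
    """Connect, read the greeting (at most 1 KiB), and parse it.
    Returns None when whatever answers on the port is not sshd."""
    buf = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.settimeout(timeout)
        while not _has_complete_ident_line(buf) and len(buf) < 1024:
            chunk = s.recv(1024 - len(buf))
            if not chunk:  # peer closed without identifying itself
                break
            buf += chunk
    return parse_ssh_identification(buf)

if __name__ == "__main__":
    import sys  # usage: python probe.py <host> <port>
    print(probe_ssh(sys.argv[1], int(sys.argv[2])) or "no SSH identification string")
```

The same parser run over the first bytes of a captured flow is also how a network monitor tells SSH on 443 or 80 apart from the HTTPS/HTTP it is masquerading as.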

  • I hate public WiFi that blocks arbitrary ports. The internet is not HTTP!!

  • Good reason to have backup connection means, like ssh in https. (Or at the time of the article, since it's possible even https was blocked, ssh over dns.)

  • Commas, so important, are so very, infrequently, and - unnecessarily - sparingly used.

  • Poor hurricane needing ssh

  • The ability to just switch -I to -D to delete the rule is something I miss in nftables. I used that all the time.

  • > Whether they were trying to be KIBO or B1FF, I may never know.

    Can someone explain this reference to me? I didn't get it.

  • Even today, while traveling through the US, there are lots of Wi-Fi access points that won't allow you to SSH. Sometimes I just fire up my VPN and then I can SSH again.

  • Web based ssh could have solved that issue, e.g. [0].

    [0]: https://shellngn.com/

  • I wonder how long until customer support AI will solve these issues or is this an edge case that will require intervention?

  • If you can sneak a <blink> tag into the ticket system, you likely can sneak in a <script> or <iframe> tag as well... I'm sure input sanitization was already a thing preached back then but ignored by many web developers...
