1

I'm looking to build a firewall that will perform "man-in-the-middle" inspections on SSH traffic. It will decrypt, inspect and re-encrypt traffic. There are quite a few free solutions for SSL deep inspection that do this, but none for SSH.

I am particularly interested in the ability to do fine grained filtering of applications and commands (like preventing a user from launching a remote web browser through X11 over SSH).

Open source dpi tools include nDPI, Libprotoident, and Netifyd but I don't think they have this feature.

Improve this question
2
  • So, you have the SSH credentials/etc of everyone going through, if I understand correctly? Commented May 14, 2018 at 7:51
  • yes, but I've been doing some reading and it seems like these man-in-the-middle solutions are really bad practice Commented May 14, 2018 at 15:42

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.