Client SSL Configuration

5 posts / 0 new
Last post
erth64net
Client SSL Configuration

Is there any way to configure within the client, each hub's SSL port on a per-hub/server basis? Or perhaps to enable/disable client-side SSL support on a per-server basis?

This would be most useful when there's more than one VHUSBIP server behind a single NATed gateway.

For instance.
1) User wants to connect from an AWS WorkSpace (a NATed environment), to a VHUSBIP server running behind a local NAT gateway.
2) User port-forwards ingress NAT on the local gateway to the VHUSB server.
3) Now user wants to add a 2nd VHUSB device behind their NAT gateway: how does the user designate a different SSL port in the client?

Michael
Download 2.8.5 of the client

Download 2.8.5 of the client and edit the vhui.ini file and specify the comma separated list of SSL ports that your servers may be on, e.g:

[General]
sslPort=7574,7573,7572

erth64net
You never cease to amaze me.

You never cease to amaze me. Thanks greatly for jumping on this so quickly.

apple_python_pi
problem with specifying client SSL ports

Hi Michael,

So I am attempting to achieve the above but I am unable to get it to work. I am using SSL reverse TCP and I've specified the client port that I want SSL to listen on. I edited the .vhui file when vhclientarmhf was not running and added sslPort=7578. Then I started the client and checked the logs and it was still listening on port 7572. I also tried this on a device with kernel 5.4.51 with the same result so I don't think it is kernel related. Any help is appreciated!

# .vhui
[General]
sslPort=7578
ReverseLookup=0
SSLReverseLookup=1
SSLCAFile=/home/user/ca.pem

~$ sudo vhclientx86_64 -n
~$ sudo cat /var/log/syslog | tail
Jul 31 18:21:32 hostname VirtualHere Client: Auto-find using Bonjour - off
Jul 31 18:21:49 hostname VirtualHere Client: VirtualHere Client 5.0.7 starting (Compiled: Jul 27 2020 12:15:36)
Jul 31 18:21:49 hostname VirtualHere Client: Client OS is Linux 4.4.0-186-generic x86_64
Jul 31 18:21:49 hostname VirtualHere Client: Using config at /home/user/.vhui
Jul 31 18:21:49 hostname VirtualHere Client: IPC available at /tmp/vhclient
Jul 31 18:21:49 hostname VirtualHere Client: VirtualHere Client is running as a service
Jul 31 18:21:49 hostname VirtualHere Client: Using SSL CA File /home/user/ca.pem
Jul 31 18:21:49 hostname VirtualHere Client: Auto-find using Bonjour - on
Jul 31 18:21:49 hostname VirtualHere Client: Auto-find using Bonjour SSL - on
Jul 31 18:21:49 hostname VirtualHere Client: SSLReverseLookupService listening on port 7572

Michael
.

In the client config use

SSLReverseLookupPort=7578

instead of SSLPort as SSLPort is just for forward connections

Log in or register to post comments