
Pleasanton USD now blocks all ports except 80 and 443 - jmeyer2k
https://twitter.com/meyer9_/status/964613663146459136
======
LinuxBender
Disclaimer: Using the following methods could be seen as bypassing the intent
of the port restrictions set by your org.

I commit to github using ssh on port 443.

    
    
        # git remote set-url origin git@<host-in-ssh-config>:<username>/<repo>
    

From ~/.ssh/config

    
    
       Hostname ssh.github.com
        Port 443
        User git
        IdentityFile ~/.ssh/.github
    

Consider using Dovecot on your mail server for port 443. I was not aware that
Discord stopped supporting websockets over 443. I run my own Mumble voice chat
server so I can put it on 443, but I understand people have a lot of friends
on Discord. I am just not happy with their chat logging policy [0].

You could also run a proxy or VPN on port 443. You can also use sslh [1] to
have SSH+SSL+Proxy+VPN all on the same port 443. You can do similar things
using HAProxy + SNI + SSL, but that is a bigger subject.

For other things that must use other ports or protocols, you can sometimes
wrap them using tsocks [2] in your VPN or SSH tunnels to port 443.

[0] - [https://blog.discordapp.com/how-discord-stores-billions-
of-m...](https://blog.discordapp.com/how-discord-stores-billions-of-
messages-7fa6ec7ee4c7)

[1] - [https://github.com/yrutschle/sslh](https://github.com/yrutschle/sslh)

[2] - [https://www.redpill-linpro.com/sysadvent/2015/12/13/socks-
pr...](https://www.redpill-linpro.com/sysadvent/2015/12/13/socks-proxy-as-
poor-mans-vpn.html)

~~~
jmeyer2k
The school blocks Discord IPs.

Thanks for the tip on using git on port 443. I didn't know it was possible to
do that with SSH keys. I have 2FA on my account, so I can't use just HTTPS.

Also, yeah I setup a VPN on port 80, so I can effectively bypass this. I just
didn't want to post that on Twitter. I'd probably get suspended for hacking or
something.

~~~
LinuxBender
Certainly, bypassing their security controls, or the intent of the controls
could cause you grief.

Out of curiosity, how does using https affect 2FA?

~~~
jmeyer2k
Generally, with git through http, it is able to prompt you for your github
password, but with 2FA, it is not. You have to use an SSH key.

~~~
LinuxBender
Oh I see, if you are on a shared computer, you would have to use a pw vs. an
ssh key. I was not connecting the dots. Thankyou for the clarification.

