本文发表在 rolia.net 枫下论坛From the ssh server point of view, port 80 or port 443 make no difference.
From the Proxy server, it is different. I don't really know how the proxy server work ( and there are different type of proxies, probably work differently) , My guess is
if a client send a http request, the proxy server work as a bridge mode, it will send the request to remote web host on behalf the client, and send back the response to client, so the proxy has full knowledge with the traffic, it can filter/block forbidden request and log any request.
Https is different, See: http://www.isaserver.org/tutorials/Understanding_SSL_bridging_and_tunneling_within_ISA.html
ISA deals with an outbound request by processing any request hat is directed to ISA that points to either port 443 or has an Https affiliation.
Most proxy server should work as tunnel mode, so client and remote server are directly talking to each other. it won't check the traffic content. So if you use port 80, the proxy server will want to analyze the request as http request and it will fail, so you won't be able to connect.
I heard some proxy server can decrypt the ssl from client, then re-encrypt it and send it to remote web server, thus working as a middle man to inspect all the traffic, but this require the proxy server has a wildcast ssl certificate cover all domain, so it should be easy to find out. Also you won't be able to do ssh connection through this kind of proxy.更多精彩文章及讨论,请光临枫下论坛 rolia.net