Unsecuring SSH (Alternatively, Proxying Minecraft Packets through HTTP) [closed]

Question

Closed. This question is off-topic. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 8 years ago.

Improve this question

I've set up a Minecraft server on OpenShift, a free PaaS. OpenShift requires internal applications (like my server) to bind to a port in the range of 15000 to 35530 or port 8080. However, it also requires external client to access the server in one of these ports: 22, 25, 80, 109, 110, 143, 220, 443, 465, 587, 993, or 995.

In other words, none of the internally exposed ports are exposed externally; however, there are two ways to communicate. One is SSH port tunneling, which I have setup on my computer already. The second one is through HTTP, which is automatically forwarded to 80 when it is sent through 8080 internally. The problem with SSH tunneling is that one needs to add a client's public key through OpenShift, and the client needs to setup their private key, which is too complicated for most of my friends.

I would like to make the connection process easier, so I thought of two possible ways of doing this. The first, which would be simpler to setup, would be to "unsecure" the SSH connections by not requiring a certain public or private key to connect. It's a game server, so security isn't an issue for me at all, but I think that this may not be possible, as SSH was built to be secure. The other way, which would be harder, would be to embed Minecraft packets into HTTP packets, which the OpenShift system automatically forwards. Perhaps this would be possible using an existing HHTP proxy system?

If anyone could help me solve this either of those two ways (or another way, if you can think of one), I would be very grateful!

Answer 1

Why not just create an ssh key pair specifically for this application and create a script that opens the tunnel using that specific key and then launches the program? You can also put restrictions on what any connection using that key is allowed to do (nothing).

#!/bin/sh
ssh -i ~/pathtoidfile -L 25565:localhost:yourport -f -N
# run minecraft to local server?

This is just off the cuff - probably not exactly correct. Also, assumes a unix (Mac or Linux) system. For windows, you'd have to install an ssh client (mingw?) and use cmd syntax.