sslh is a ssl/ssh multiplexer.
Install the package.
The default configuration file is located at
/etc/sslh.cfg, which supports
2 additional configuration files are included in the package:
/usr/share/doc/sslh/basic.cfg, which is a basic configuration file that should provide sensible values for "standard" setup.
/usr/share/doc/sslh/example.cfg, which is provided as documentation to show what is possible. It should not be used as-is, and probably should not be used as a starting point for a working configuration.
sslh-select.service, depending on which option is right for your server:
sslh-forkforks a new process for each incoming connection. It is well-tested and very reliable, but incurs the overhead of many processes. If you're going to use
sslhfor a "small" setup (less than a dozen SSH connections and a low-traffic HTTPS server), then
sslh-forkis probably the best option for you.
sslh-selectuses only one thread, which monitors all connections at once. It is more recent and less tested, but the main process only incurs a 16 byte overhead per connection. However, if it stops then you will lose all non-forked connections, which means you can only upgrade it remotely if the necessary connections are set to fork mode. If you're going to use
sslhon a "medium" setup (a few thousand SSH connections, and another few thousand SSL connections),
sslh-selectwill be the most suitable option.
sslh-evis the most recent option, introduced in version 2.0. It's almost functionally identical to
sslh-select, but uses to scale much higher, making it ideal if you have a very large site (tens of thousands of connections). Currently not available through the official package, as 2.0 has not reached a stable release yet.