Is it bad to port forward port 443 for ssh?
It should work fine, it's not more secure than using a different port for ssh (or less secure for that matter). And no, outbound TCP sockets are not the same as inbound TCP sockets - so it should not interfere with your outbound network traffic.
If you are going to do this, at the minimum, please:
- Create a whitelist: Limit access to port 443 from only known IPs
- Disable Password logins and only use SSH Keys
You could open yourself up to danger otherwise. What if someone finds a security bug that allows them to automatically login when given an SSH prompt? Your whitelist will reduce that future risk.
By disabling password logins to SSH, if a bad actor on the whitelist manages to access your server, it will be much harder to bruteforce a way in.
This is good security hygiene. If you are a regular university student, the chances of attack could be low, but why take an unnecessary risk?
"HTTPS" is just a name for the TLS (Transport Layer Security) protocol when it is being used to secure the underlying HTTP protocol. Only the endpoints need to be concerned about the underlying protocol, so you can send whatever traffic you like once you have established the secure TLS connection, on whatever port is available, without having to worry about any intervening firewalls, hackers, foreign spies, or rogue security agencies within your own country.
"SSH" has its own protocol, so if you run ssh on port 443 there is always the possibility that a firewall or other snooping agent detects that the traffic is not HTTPS (since it deviates from TLS), and blocks it. The solution to this problem is to wrap the ssh session inside the TLS protocol, which is easily done by means of the program stunnel
. On the server, let stunnel listen on port 443 and tunnel the traffic to port 22. Then on the client you need to run another instance of stunnel which listens to some local port and then tunnels the traffic to port 443 on the server.