Sorry, I misunderstood. You can do that as well, but you’ll have to run an instance of caddy-l4 on the Windows machine as a proxy server to your upstream. Here’s working config:
{
"apps": {
"layer4": {
"servers": {
"ssh-proxy": {
"listen": ["127.0.0.1:8443"],
"routes": [
{
"handle": [
{
"handler": "proxy",
"upstreams": [
{
"dial": ["example.com:443"],
"tls": {
"server_name": "example.com"
}
}
]
}
]
}
]
}
}
}
}
}
You can then run ssh -p 8443 username@localhost, and it’ll wrap the connection in TLS to upstream, which is then unwrapped into ssh again.