[Bug 1572] accept SOCKS requests over the mux socket in master mode
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Fri Mar 13 02:27:49 EST 2009
https://bugzilla.mindrot.org/show_bug.cgi?id=1572
--- Comment #3 from Salvador Fandiño <sfandino at yahoo.com> 2009-03-13 02:27:48 ---
Discussion about this feature taking place in
openssh-unix-dev at mindrot.org
On Mar 11, 2009, at 1:21 PM, Jim Knoble wrote:
> > Circa 2009-03-11 10:27 dixit Ben Lindstrom:
> >
> > : I'm concerned that people will become confused since -M -S combo has
> > : been resevered for multiple ssh terminal sessions over a single
> > : tunnel. I'd rather see it more clear like:
> > :
> > : ssh -D -M -S /tmp/mux 172.20.3.12 -N -f if you want multiple
> > tunnels
> > : + SOCK support
> > : ssh -D -S /tmp/mux .. if you just want SOCKS support instead of a
> > PORT
> > :
> > : Which means an error needs to be throw on
> > :
> > : ssh -Dxxx -S xxxx
> >
> > The above means that you can't separate permissions for the mux socket
> > and the SOCKS socket.
> >
> > Better to create a dedicated SOCKS socket, no?
> >
> > ssh -D /tmp/ssh-socks-socket ...
> >
> > That is, '-D' may accept either an IP address or a filesystem path.
> > Reserve '-S' for use with multiplexing sockets. This way, one can:
> >
> > ssh -D /tmp/ssh-socks-socket -M -S /tmp/ssh-mux-socket ...
> >
> > and allow more than one user to use the SOCKS connection while keeping
> > the mux socket more private.
> >
> > This also makes the '-D' syntax consistent and sensible.
> >
That works for me. I just found the mutation and corruption of -M -S
to be a bit dodgy when we already have a -D that is clearly tagged as
being a socks4/5 server functionality flag.
- Ben
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list