[Bug 2740] New: provide a way of forwarding a Unix-domain socket to user's runtime (home) directory
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Mon Jul 10 19:58:21 AEST 2017
https://bugzilla.mindrot.org/show_bug.cgi?id=2740
Bug ID: 2740
Summary: provide a way of forwarding a Unix-domain socket to
user's runtime (home) directory
Product: Portable OpenSSH
Version: 7.5p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: ueno at gnu.org
This is originally requested as:
http://marc.info/?l=openssh-unix-dev&m=149763004321855&w=2
Currently, the Unix-domain socket forwarding only accepts absolute
paths, which requires knowledge about the remote file-system layout.
It would be useful if one could forward a Unix-domain socket without
specifying the full path name of the socket on the remote end.
There are couple of use-cases:
- gpg-agent forwarding uses this syntax:
RemoteForward /home/<user>/.gnupg/S.gpg-agent
/home/<user>/.gnupg/S.gpg-agent.extra
https://wiki.gnupg.org/AgentForwarding
- smart card forwarding with p11-kit uses /run/user/$UID/p11-kit
https://fosdem.org/2017/schedule/event/smartcard_forwarding/
On the mailing list, it was suggested to call a remote script to
determine the path instead of letting sshd resolve the path. However,
although the approach could be more flexible, it requires extra
complexity in the client implementation due to the additional
round-trip.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list