[Bug 2348] allow ssh to connect to a unix domain socket
bugzilla-daemon at bugzilla.mindrot.org
Wed Nov 8 13:43:21 AEDT 2017
https://bugzilla.mindrot.org/show_bug.cgi?id=2348
daniel.black at au.ibm.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |daniel.black at au.ibm.com
--- Comment #1 from daniel.black at au.ibm.com ---
0. Fun (aka over-engineered workaround)

1. Listen and forward

Set up an ssh listener on a unix socket:

    socat UNIX-LISTEN:/tmp/ssh.sock,fork TCP:server1:22

2. Bit of ssh_config magic:

    host /*
        ProxyCommand /home/dan/socket-ssh.py %h
        ProxyUseFdpass yes
        ControlMaster no
        ControlPath none

3. Script magic
(shamelessly modified from
http://www.gabriel.urdhr.fr/2016/08/07/openssh-proxyusefdpass/)

    $ cat /home/dan/socket-ssh.py
    #!/usr/bin/env python3
    import sys
    import socket
    import array

    # Create the file descriptor:
    s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM, 0)
    s.connect(sys.argv[1])

    # Pass the file descriptor (stdout, fd 1, is the channel back to ssh):
    fds = array.array("i", [s.fileno()])
    ancdata = [(socket.SOL_SOCKET, socket.SCM_RIGHTS, fds)]
    socket.socket(fileno=1).sendmsg([b'\0'], ancdata)

4. Test

    ssh -o ControlPath=none -v -l danielgb /tmp/ssh.sock

5. Success

OpenSSH_7.5p1, OpenSSL 1.1.0f-fips 25 May 2017
debug1: Reading configuration data /home/dan/.ssh/config
debug1: /home/dan/.ssh/config line 81: Applying options for /*
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Executing proxy dialer command: exec /home/dan/socket-ssh.py /tmp/ssh.sock
...
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/dan/.ssh/id_rsa
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug1: Authentication succeeded (publickey).
Authenticated to /tmp/ssh.sock ([/tmp/ssh.sock]:0).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: exec
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: getsockopt TCP_NODELAY: Operation not supported
debug1: Sending environment.
debug1: Sending env LANG = en_AU.UTF-8
debug1: Sending env LANGUAGE =
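
The helper in comment #1 connects to whatever path ssh substitutes for %h. As an added example (not part of the original comment or of OpenSSH), here is the same fd-passing helper with checks on the socket file and on the listening process before the descriptor is handed to ssh. The function names and the trusted-uid policy are hypothetical, and SO_PEERCRED assumes Linux.

```python
#!/usr/bin/env python3
# Added example (not the original script). Assumes Linux for SO_PEERCRED.
import array
import os
import socket
import stat
import struct
import sys


def vet_socket_path(path, trusted_uids):
    """Return a list of problems with the socket path (empty list = acceptable)."""
    problems = []
    st = os.stat(path)  # follows symlinks, as connect() does
    if not stat.S_ISSOCK(st.st_mode):
        problems.append("not a socket")
    if st.st_uid not in trusted_uids:
        problems.append("socket owned by untrusted uid %d" % st.st_uid)
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    if parent.st_mode & stat.S_IWOTH:
        problems.append("parent directory is world-writable")
    return problems


def connect_checked(path, trusted_uids):
    """Connect, then ask the kernel which uid is listening on the other end."""
    s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM, 0)
    s.connect(path)
    cred = s.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    _pid, uid, _gid = struct.unpack("3i", cred)
    if uid not in trusted_uids:
        s.close()
        raise PermissionError("listener runs as untrusted uid %d" % uid)
    return s


def pass_fd(channel, fd):
    """Send fd as SCM_RIGHTS ancillary data with a one-byte payload, as the script above does."""
    fds = array.array("i", [fd])
    channel.sendmsg([b"\0"], [(socket.SOL_SOCKET, socket.SCM_RIGHTS, fds)])


if __name__ == "__main__":
    trusted = {0, os.getuid()}  # assumption: only root or the calling user may own/serve it
    issues = vet_socket_path(sys.argv[1], trusted)
    if issues:
        sys.exit("refusing %s: %s" % (sys.argv[1], "; ".join(issues)))
    conn = connect_checked(sys.argv[1], trusted)
    pass_fd(socket.socket(fileno=1), conn.fileno())
```

Pointed at /tmp/ssh.sock as in the comment, this refuses, because /tmp is world-writable; the socat listener would have to bind inside a directory only the user can write to.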