Patch for Socks5 support for dynamic portforwaring?

Dan Kaminsky dan at
Wed Jun 25 06:47:32 EST 2003

Alex Peuchert wrote:

>just to enlighten my ignorance ;-)
>Why was Socks5 support removed from openssh?
>I also could see some useful applications for SOCKS5 over SSH ...
This is a slightly different use of SOCKS than most people know about; 
using it to drive SSH port forwarding.  So you don't run a VPN server or 
anything of the sort; you just SSH in and watch all your TCP sockets get 
routed through SSH.  It's really nice.

With SOCKS4, only the TCP sockets are wrapped; the DNS necessary to set 
packet IPs isn't.  So with SOCKS4, we leak.

SOCKS5 wouldn't.  I understand HTTP parsing is a bit complicated, but I 
can't see why we should be intentionally not supporting a more secure 


More information about the openssh-unix-dev mailing list