stdio to port forward?
Dan Kaminsky
dan at doxpara.com
Mon May 24 05:02:50 EST 2004
All--

I'm attempting to implement something I've wanted for a while...a
stdio link to a TCP port forward, at least for SSH2, but preferably for
either protocol. There's certainly no technical reason this can't be
done, but the vagaries of terminal / file descriptor handling are posing
something of a challenge.

Does anyone have any suggestions for "correct" approaches for this?
I absolutely don't want to simply fork off a version of SSH in the
background and connect() to its port forward -- that's quite hijackable,
and simply inelegant. Attempts to alter SSH2's initial channel type to
direct-tcpip seem to be failing too, even if I packet_put_cstring/int
the appropriate values. Not asking for anyone to code this up for me
(though -Whost:port is the planned syntax), just could use a conceptual
guide. Again, SSH1 support would be some definite gravy.

End goal is to finally fix the trojaned ssh client problem, by
allowing end to end crypto semantics through bastion hosts. Shutting
down the ssh usage hole that's led to major compromises for Apache and
Sourceforge would be very, very nice.

--Dan
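
Added example, not part of the original post and not OpenSSH code: the SSH2 "direct-tcpip" channel-open payload the message refers to, laid out field by field per RFC 4254 section 7.2, with a bounds-checked reader that recovers the forward target and rejects truncated input. The helper names, the channel number, the window and packet sizes and the originator fields are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <string.h>
#define SSH_MSG_CHANNEL_OPEN 90 /* RFC 4254 message number */
/* Illustrative writers (not OpenSSH's packet_put_* API): each returns the new
 * offset, or 0 when the field does not fit; a 0 offset propagates as an error. */
static size_t put_u32(uint8_t *b, size_t cap, size_t off, uint32_t v) {
    if (off == 0 || cap - off < 4) return 0;
    for (int i = 0; i < 4; i++) b[off + i] = (uint8_t)(v >> (24 - 8 * i));
    return off + 4;
}
static size_t put_str(uint8_t *b, size_t cap, size_t off, const char *s) {
    size_t n = strlen(s);
    off = put_u32(b, cap, off, (uint32_t)n);
    if (off == 0 || cap - off < n) return 0;
    memcpy(b + off, s, n);
    return off + n;
}

/* "direct-tcpip" channel open, RFC 4254 section 7.2. Returns payload length or 0. */
size_t build_open(uint8_t *b, size_t cap, const char *host, uint32_t port) {
    if (cap < 1) return 0;
    b[0] = SSH_MSG_CHANNEL_OPEN;
    size_t off = put_str(b, cap, 1, "direct-tcpip");
    off = put_u32(b, cap, off, 0);           /* sender channel (assumed) */
    off = put_u32(b, cap, off, 64 * 1024);   /* initial window size (assumed) */
    off = put_u32(b, cap, off, 32 * 1024);   /* maximum packet size (assumed) */
    off = put_str(b, cap, off, host);        /* host to connect */
    off = put_u32(b, cap, off, port);        /* port to connect */
    off = put_str(b, cap, off, "127.0.0.1"); /* originator address (assumed) */
    return put_u32(b, cap, off, 0);          /* originator port (assumed) */
}
static int get_u32(const uint8_t *b, size_t len, size_t *off, uint32_t *v) {
    const uint8_t *p = b + *off;
    if (len - *off < 4) return -1;
    *v = (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
    *off += 4;
    return 0;
}

/* Reads the forward target back out; -1 on a truncated or non-matching payload. */
int parse_target(const uint8_t *b, size_t len, char *host, size_t hcap, uint32_t *port) {
    size_t off = 1; uint32_t n, skip;
    if (len < 1 || b[0] != SSH_MSG_CHANNEL_OPEN || get_u32(b, len, &off, &n) ||
        n != 12 || len - off < n || memcmp(b + off, "direct-tcpip", n)) return -1;
    off += n;
    for (int i = 0; i < 3; i++) if (get_u32(b, len, &off, &skip)) return -1;
    if (get_u32(b, len, &off, &n) || len - off < n || n >= hcap) return -1;
    memcpy(host, b + off, n); host[n] = '\0'; off += n;
    return get_u32(b, len, &off, port);
}
```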