remote port forwarding with dynamic port on the far end

Latchesar Ionkov lucho at
Sun Jan 21 16:14:14 EST 2007


I would like to use ssh in a quite a strange setup. For every ssh
connection the near end starts a service (listening on a free TCP
port) that has to be available to the program running on the far end.
I would like to have the connection going through SSH (for encryption)
so I decided to use remote port forwarding. The problem is that there
could be multiple connections of that type to the remote box, so I
cannot use constant port on the far end.

The first question I have is whether a (fairly trivial) patch that
allows ssh -R 0:host:hostport for unprivileged user is going to be
accepted? bind on a zero port will pick a free port on the far end,
exactly what I need.

-R 0:host:port dynamically chosing the port on the far end is not very
useful if I don't know the port that was chosen by the system :) So
the second question is whether it is acceptible to add a new
environment variable passed to the client (say SSH_FORWARDS) that
lists all port forwards that the client initiated?


More information about the openssh-unix-dev mailing list