Patch: open port forwards from slave

Hamish Allan hamish at gmail.com
Thu Nov 8 05:23:48 EST 2007


On Oct 30, 5:57 am, Martin Forssen <maf at appgate.com> wrote:

> So I patched openssh to make it possible to add port forwards via a slave process.

Hi Martin,

Thank you very much -- I've recently been meaning to write something
like this myself (but then my firstborn arrived!)

I was also wondering about making it "fully transparent", i.e., when
the slave exits it would send a message to the master to remove the
forwarding -- that is to say, the behaviour a user sees is the same
whether or not they're using a ControlMaster. For this, "ssh -NL ..."
would not exit straight away as per your patch, but block waiting for
interrupts (although it wouldn't actually be fully transparent,
because if the slave were SIGKILLed the forwarding would remain. Also
it would maybe be kind of weird if a slave "ssh -fNL" left a blocking
process).

I would also find it useful to have a behaviour like your patch in
which the slave adding the forwarding returns immediately, but I
wonder if this might best be served using "-O" control messages as per
Torsten's original patch, with commands for removing and listing
forwardings too.

Finally, I was thinking it might be nice if commands passed using "-O"
and commands typed at the ~C "ssh>" prompt were the same commands.

Do you have any opinion on interface best practice in this respect?
Damien, did you have any thoughts on removing or listing forwardings
in your planned approach?

Best wishes,
Hamish


More information about the openssh-unix-dev mailing list