Portforwarding using the control master.
dvorak
dvorak at xs4all.nl
Fri Jun 20 00:10:03 EST 2008
> Hi Dvorak,
>
> On Thu, Jun 19, 2008 at 2:25 PM, dvorak <dvorak at xs4all.nl> wrote:
>
> > Any comments?
>
> If I understand you correctly, you wish to forward connections from a
> unix domain socket on a local machine to network ports on a remote
> machine. And given that in most situations, clients will have been
> written to connect to network ports, you'll write a patch for socat
> allowing for network ports on a local machine to be forwarded to the
> unix domain socket in question.
>
> But while socat is running in this capacity, how will this provide any
> greater security than the current network-port-to-network-port
> forwardings?
If the other side of socat is a normal listening socat this is indeed the
case. However if used with for instance the ssh ProxyCommand it is just
one connection without a locally listening counter part.
My inteded usage is something like:
ssh -o "ProxyCommand socat - SSH-SOCKS:/path/to-master:%h:%p" user at box2
>
> Hamish
>
Dvorak
More information about the openssh-unix-dev
mailing list