openSSH 5.8p2 BindPort patch

Rory McNamara pink.banana.fish at gmail.com
Tue Jul 19 22:41:59 EST 2011


>possibly, although it's more likely that it'll be IO bound on the
>network.  Try it.
./ssh -B 10000 -i ~/.ssh/id_rsa USER@HOST -p 443 'find /'
3.046 seconds
./ssh -o "ProxyCommand=nc -p 10000 %h %p" -i ~/.ssh/id_rsa USER@HOST -p 443 'find /'
2.592 seconds

This is over the internet, to a DD-WRT router.
This therefore shows that my patch is slower by 0.5 seconds in this
instance. However, I still believe it is of benefit if you need to use
something else for your ProxyCommand.

>In that case, how do you use the bindport at all?  Using a
>proxycommand doesn't allocate a tcp socket.

The proxy I'm trying to get through only allows SSL on port 443 from
port 443. I have no idea why, but it means I have to set the source
port to be 443 and the destination port to be 443, as well as the
ProxyCommand, to be able to get through it.

On Tue, Jul 19, 2011 at 12:41 PM, Darren Tucker <dtucker at zip.com.au> wrote:
> On Tue, Jul 19, 2011 at 8:42 PM, Rory McNamara
> <pink.banana.fish at gmail.com> wrote:
>> Surely that would be slower, because the data has to pass through a
>> pipe to get to nc?
>
> possibly, although it's more likely that it'll be IO bound on the
> network.  Try it.
>
>> and also, in my specific use case, I need to use
>> ProxyCommand for corkscrew to pass through a proxy with NTLM auth.
>
> In that case, how do you use the bindport at all?  Using a
> proxycommand doesn't allocate a tcp socket.
>
>> P.S. I'm new to mailing lists, do I click 'Reply', or 'Reply to all'?
>
> Depends.  I always "reply all" unless the poster has set a reply-to field.
>
> --
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
>     Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
>

