"Virtual hosts" for ssh

Dan Kaminsky dan at doxpara.com
Sat Jun 8 18:34:34 EST 2013

Actually this isn't a bad idea. Seems like it's at the right layer, doesn't require protocol rework, and exists in a namespace OpenSSH can reasonably claim to own.  Only the client needs patching to upgrade the entire server space!  Looks like a useful feature to have on by default, with pretty deep historical evidence that sharing perceived DNS name is operationally valuable.  Not seeing a security impact; some concern about subsystems/sftp, but no need to block on that.

I like it!  I'll write a patch if nobody else will.

Sent from my iPhone

On Jun 7, 2013, at 5:02 PM, Johannes Ernst <johannes.ernst at gmail.com> wrote:

> It'd be very cool if ssh supported something like Apache "virtual hosts". This would make it much more viable to host multiple installs of git on the same server, for example.
> More details:
> On the remote server, ssh already sets some environment variables:
>> printenv | grep SSH
> SSH_CLIENT= 50945 22
> SSH_TTY=/dev/pts/1
> SSH_CONNECTION= 50945 22
> What about adding another, say
> Assuming that /etc/hosts
> host1 host2
> then
> ssh user at host1
> and
> ssh user at host2
> would lead to a shell on the same host with the same user, but SSH_SERVER_HOST would be different, and that would allow the creation of a script that, for example, could find the correct git repository given the virtual hostname. This is currently not possible because the script only has IP addresses.
> Presumably that would not be too hard to do?
> Cheers,
> Johannes.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

More information about the openssh-unix-dev mailing list