Unix socket support for sshd

David Goulet dgoulet at torproject.org
Thu Feb 4 23:40:39 AEDT 2016


Greetings everyone!

I would like to know if adding support for Unix sockets to sshd would be a
feature that would be considered to be added upstream? (ListenAddress).

One of the main reasons for this question to you all is that tor now has Unix
socket support for hidden services, that is, traffic of a hidden service can be
forwarded to a Unix socket (see HiddenServicePort in tor.1). The rationale
behind that is basically so someone can set up a server with no inet traffic
allowed (firewall, namespace, <insert sandboxing tech>) _except_ for the tor
daemon and use a hidden service to access services on the local machine using
only Unix sockets, in this case ssh.

That being said, if you wouldn't object to this feature being added to ssh,
I'm willing to implement it and make the efforts for upstream merge. But
before I do start the work, I would like to make sure it's something that
won't get an automatic NACK just based on the original idea :).

Big thanks!
David