tunnel interface names

dev at cyphermonks.org dev at cyphermonks.org
Wed Jun 6 03:17:05 AEST 2018

the patch has been worked on in the meantime. state is:
- internally, device-id variables changed to device-name
- additional tuntap channel type (identical to tun channel type except tuntap uses full device names instead of device ids), configured by option PermitTunTap analogous to PermitTunnel, so both types can be configured individually and tuntap is - like tun - disabled per default so on upgrade it will not be enabled by accident
- option TunnelChannelType for the client to select channel type for tunneling, default is tun, in case of tun channel type client uses conventional id syntax for device-id (like "any:0"), to be fully compatible. ids are converted from/to names on in-/output. (with tuntap, syntax is like ":tun0", with emptystring = autoselect just like 'any' with tun)
- authorized_keys option tunnel= now can optionally match the client-provided name with a pcre pattern (if argument starts with /, the rest is the regex pattern)
- also added a PidFile option for client (was kind of missing for automated setups)
- man pages updated for all this

also no leaked memory should be left. imho there's no ugly parts left. would be great if sbdy more familiar with openssh development could 'audit'/improve/give feedback. the url is the same: https://cyphermonks.org/openssh-7.6p1-devicenames.patch

More information about the openssh-unix-dev mailing list