tunnel interface names

dev at cyphermonks.org dev at cyphermonks.org
Wed May 30 05:10:52 AEST 2018


the fact that ssh insists on tap* and tun* tun/tap-device-names is a real nag and prevents nice and easy solutions in some cases.
the channel type used for tun/tap forwarding is tun@openssh.com, and it defines the remote tunnel id to be an integer.
so from what i understood these packet definitions are static per channel type, so for compatibility the tun@openssh.com type has to stay, untouched, and a new channel type seems to be necessary. the client will need some option to select between the two tunnel channel types, for example a ssh_config option TunnelChannelType with options tun|tuntap. switching tunnel device handling from id to name seems not to be a problem - only issue is that syntax for device config has to change from e.g. 0:0 to tun0:tun0.
so the following patch is what came out when checking this for feasibility - it just works. of course i'd say this feature should go upstream - but i guess in any case the patch (against 7.6p1) needs some experienced openssh developer to look it over (and probably mend some ugly stuff).
turns out the patch actually is a bit lengthy, so to avoid anyone feeling spammed, it can be found here: https://cyphermonks.org/openssh-7.6p1-devicenames.patch
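
The wire-format constraint described in the message, as an added example that is not taken from the linked patch or from OpenSSH's source. `open_tun_legacy` follows the `tun@openssh.com` channel-open layout given in OpenSSH's PROTOCOL document; the channel type `tun-name@example.invalid`, the string field that replaces the unit number, and the name policy (at most 15 characters, alphanumerics plus `_` and `-`) are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SSH_MSG_CHANNEL_OPEN    90
#define SSH_TUNMODE_POINTOPOINT 1   /* layer 3, tun device */
#define SSH_TUNMODE_ETHERNET    2   /* layer 2, tap device */
#define NAMED_TYPE "tun-name@example.invalid"  /* hypothetical placeholder type */
#define IFNAME_MAX 15               /* Linux IFNAMSIZ minus the NUL (assumed limit) */

static size_t put_u32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (24 - 8 * i));
    return 4;
}
static size_t put_str(uint8_t *p, const char *s) {
    size_t n = strlen(s);
    put_u32(p, (uint32_t)n);        /* SSH string: uint32 length, then bytes */
    memcpy(p + 4, s, n);
    return 4 + n;
}
/* Common prefix: message byte, channel type, sender channel, window, max packet. */
static size_t put_open(uint8_t *b, const char *type, uint32_t chan) {
    size_t o = 0;
    b[o++] = SSH_MSG_CHANNEL_OPEN;
    o += put_str(b + o, type);
    o += put_u32(b + o, chan);
    o += put_u32(b + o, 2097152);     /* constructed sample window size */
    return o + put_u32(b + o, 32768); /* constructed sample max packet size */
}
/* Existing layout: the remote device is a fixed-width unit number, never a name. */
size_t open_tun_legacy(uint8_t *b, uint32_t chan, uint32_t mode, uint32_t unit) {
    size_t o = put_open(b, "tun@openssh.com", chan);
    o += put_u32(b + o, mode);
    return o + put_u32(b + o, unit);
}
/* Assumed name-based layout; returns 0 when the name fails the policy. */
size_t open_tun_named(uint8_t *b, uint32_t chan, uint32_t mode, const char *name) {
    size_t n = strlen(name);
    if (n == 0 || n > IFNAME_MAX) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)name[i]) && name[i] != '_' && name[i] != '-') return 0;
    size_t o = put_open(b, NAMED_TYPE, chan);
    o += put_u32(b + o, mode);
    return o + put_str(b + o, name);
}
int main(void) {
    uint8_t b[128];
    printf("legacy=%zu ", open_tun_legacy(b, 0, SSH_TUNMODE_POINTOPOINT, 0));
    printf("named=%zu\n", open_tun_named(b, 0, SSH_TUNMODE_ETHERNET, "vpn0"));
}
```

The receiving side would need the same name check before passing a peer-supplied string to the kernel, since the name arrives from the remote end of the connection.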

