Feature to connect two hidden hosts through sshd
Damiano Bolla
openssh.dev at engidea.com
Fri Dec 6 22:01:32 AEDT 2019
Good morning
I am inquiring if the following feature is in any way planned or if there is any interest to pool manpower to do it:
The scope of the feature: Allow two hosts in private networks to share a port (typically to run VNC over it)
How it would be used:
- Companies or individuals would buy a public host in a cloud provider, install sshd in it with a public IP eg: 194.177.12.12
When host A with private IP eg: 192.168.1.1 wants to establish a VNC connection to host B with private IP eg: 192.168.2.2 this should happen
- Host A does: ssh [forward port 5901 and bind user damiano] 194.177.12.12
- Host B does: ssh [incoming port 5901 and bind as user damiano] 194.177.12.12
What happens is:
- 194.177.12.12 has a list of permitted "bindings" and one of them is damiano
- When host A connects to 194.177.12.12 and binds to user damiano it tells SSHD that it wants to forward the given port to the binding
- When host B connects to 194.177.12.12 and binds to user damiano it tells SSHD that it wants to accept forwarded data to the given port to the binding
As far as I see, there is no extra level of authentication on the bindings (binding name can be any string, even numeric) since the ssh connection is authenticated.
The question again is if this is in any way a planned feature or if there is any interest in doing it from anybody.
Yes, I can get down to work on doing it
Thanks
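
The binding rendezvous described in the message above, as an added Python sketch that is not OpenSSH code and not code from the original post. The class and method names, the per-binding set of allowed users, and the one-acceptor-per-port rule are assumptions of this sketch; the sample data is constructed.

```python
# Added illustration (not OpenSSH code): a model of the server-side binding table.

class BindingError(Exception):
    """A bind request the server refuses."""


class BindingTable:
    def __init__(self, permitted):
        # Binding name -> set of authenticated SSH users allowed to use it.
        # The per-user set is an assumption of this sketch.
        self.permitted = {name: set(users) for name, users in permitted.items()}
        self.acceptors = {}  # (binding, port) -> session id of the waiting acceptor

    def _authorize(self, user, binding, port):
        if user not in self.permitted.get(binding, ()):
            raise BindingError("binding not permitted for this user")
        if not 1 <= port <= 65535:
            raise BindingError("invalid port")
        return (binding, port)

    def accept(self, user, session, binding, port):
        """Host B side: offer to receive data forwarded to (binding, port)."""
        key = self._authorize(user, binding, port)
        if key in self.acceptors:
            # Refuse a second acceptor so an existing endpoint cannot be displaced.
            raise BindingError("binding already has an acceptor on this port")
        self.acceptors[key] = session

    def forward(self, user, binding, port):
        """Host A side: return the acceptor session that traffic is relayed to."""
        key = self._authorize(user, binding, port)
        if key not in self.acceptors:
            raise BindingError("no acceptor is waiting on this binding")
        return self.acceptors[key]

    def disconnect(self, session):
        """Drop every acceptor registered by a session that has gone away."""
        self.acceptors = {k: s for k, s in self.acceptors.items() if s != session}


def demo():
    # Constructed sample data: one binding, two sessions, one unrelated user.
    table = BindingTable({"damiano": {"damiano"}})
    table.accept("damiano", "session-B", "damiano", 5901)
    peer = table.forward("damiano", "damiano", 5901)
    try:
        table.forward("mallory", "damiano", 5901)
        refused = False
    except BindingError:
        refused = True
    return peer, refused
```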