Feature request: ProxyJump with Unix sockets

Christophe Lohr lohr at free.fr
Fri Apr 17 23:42:19 AEST 2020

Le 17/04/2020 à 12:29, Stuart Henderson a écrit :
> On 2020/04/17 10:56, Christophe Lohr wrote:
>> Dear developers,
>>   The  ProxyJump  feature is nowadays implemented on the basis of a TCP port forwarding on the jumping host, isn't it?
>> As a result, this is affected by a AllowTcpForwarding=no configuration on the jumping host.
>> So, may I suggest a variant based on Unix sockets (such as -L or -R does).
>> Nice idea, isn't it?
>> Any volunteer to implement this?
> That doesn't make sense, how are you going to connect from the "jump
> host" to an end machine using a unix socket?
> (If ssh forwarding is disabled but you are still able to make outgoing
> connections, you can use some "ssh jumphost nc" variant in ProxyCommand
> instead, like we used to do before ProxyJump).

Hum hum. I see. My mistake.
It seems I completely misunderstood what ProxyJump does.

In fact, this is an ssh session into an ssh tunnel.
Encapsulation, simply.

I thought this was a way to chain ssh sessions.
As if the jumping-host had some back-to-back ssh agents
(the ssh-daemon bound to an ssh-client to the target host).

Sorry for the mistake. Sorry for the inconvenience.

Best regards.

More information about the openssh-unix-dev mailing list