Feature request: ProxyJump with Unix sockets
Christophe Lohr
lohr at free.fr
Fri Apr 17 23:42:19 AEST 2020
Le 17/04/2020 à 12:29, Stuart Henderson a écrit :
> On 2020/04/17 10:56, Christophe Lohr wrote:
>> Dear developers,
>> The ProxyJump feature is nowadays implemented on the basis of a TCP port forwarding on the jumping host, isn't it?
>> As a result, this is affected by a AllowTcpForwarding=no configuration on the jumping host.
>>
>> So, may I suggest a variant based on Unix sockets (such as -L or -R does).
>>
>> Nice idea, isn't it?
>> Any volunteer to implement this?
> That doesn't make sense, how are you going to connect from the "jump
> host" to an end machine using a unix socket?
>
> (If ssh forwarding is disabled but you are still able to make outgoing
> connections, you can use some "ssh jumphost nc" variant in ProxyCommand
> instead, like we used to do before ProxyJump).
>
Hum hum. I see. My mistake.
It seems I completely misunderstood what ProxyJump does.
In fact, this is an ssh session into an ssh tunnel.
Encapsulation, simply.
I thought this was a way to chain ssh sessions.
As if the jumping-host had some back-to-back ssh agents
(the ssh-daemon bound to an ssh-client to the target host).
Sorry for the mistake. Sorry for the inconvenience.
Best regards.
More information about the openssh-unix-dev
mailing list