SSH as discard server?

rapier rapier at psc.edu
Sat Aug 7 01:09:41 AEST 2021


Before I go about reinventing the wheel I thought I would ask here.

I'm doing some development in SSH and it would be helpful if I could 
isolate certain aspects of what I am working on. What I would like to do 
is have an SSH aware discard server that accepts an inbound connection 
from an SSH client and then dumps every incoming packet into a black 
hole. I don't want to process, decrypt, or otherwise do anything with 
those packets post authentication. Switching to a none cipher won't work 
as it would require both ends to renegotiate to none. Likewise, just 
redirecting the output to /dev/null means I'm still spending cycles 
decrypting and verifying the HMAC.

So does anyone know of any existing implementations that can do this? If 
not, does anyone have any suggestions as to where to start? I'm thinking 
that adding a new CFLAG so I can do a discard in cipher_crypt would 
be reasonable but I wanted to get any thoughts people might have.

e.g.

	if ((cc->cipher->flags & CFLAG_DISCARD) != 0) {
		return 0;
	}

Thanks,

Chris


More information about the openssh-unix-dev mailing list