Feature proposal: ProxyUseFdpass-like behavior for a regular ssh session

Damien Miller djm at mindrot.org
Thu May 27 14:25:23 AEST 2021

On Wed, 26 May 2021, Spencer Baugh wrote:

> Hi,
> I have a feature that I'd like to implement if it's acceptable to the
> OpenSSH developers.
> In short, I'd like to implement a mode for running an ssh session which
> functions like ProxyCommand+ProxyUseFdpass: the specified command is
> passed a socketpair, and is then expected to pass out a file descriptor;
> IO from the client will then be forwarded to and from that file
> descriptor.
> This is similar to -W, except that instead of forwarding stdin to a
> socket connected to a specified host and port, stdin is forwarded to an
> arbitrary file descriptor as passed out by the command.

This is basically how the multiplexing protocol works right now.
Take a look at mux.c:mux_client_request_session() - it passes the
stdin, stdout and stderr fds to the primary multiplexing process.

>From what you describe, you couple probably use this facility with
a custom client that spoke the simple (but undocumented) multiplexing
protocol to do what you need.


More information about the openssh-unix-dev mailing list