Feature Request: socket-passing support in ssh client
rsbecker at nexbridge.com
Fri Jan 14 10:11:20 AEDT 2022
On January 13, 2022 6:01 PM, Darren Tucker wrote:
> On Fri, 14 Jan 2022 at 03:17, Chris Mitchell <ssh-list at chris.oldnest.ca>
> wrote:
>
> > What I hope to accomplish is on-demand activation of ssh port forwards.
> > I gather that the OpenSSH server's -i flag is essentially what I'm
> > looking for, in which something like inetd or systemd already has port
> > 22 open and passes it to sshd at launch. As far as I understand
> > things, the OpenSSH *client* has no similar capability, which is
> > unsurprising given that it's not a server. ;-)
> >
>
> It's not exactly what you ask for later, but it's the exact counterpart for
> sshd -i: you can run ssh under inetd (or similar) in "netcat mode" (-W),
> where it will pass data on stdin/out to a remote port forward. You'd put
> something like this in inetd.conf:
>
> ssh -W destinationhost:port intermediatehost
>
> and set it up with passwordless auth. This will bring up the connection on
> demand, but the caveat is that there will be one SSH connection per
> forwarded TCP connection, not many multiplexed TCP connections within a
> single SSH connection. I've used this construction in the past for various
> shenanigans such as routing low-volume mail and accessing backup servers
> between networks without direct connections.

For multiplexed connections, would not local port forwarding be a better
architecture? It does not pass off sockets but allows on-demand access.
--Randall
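
Added example, not part of the original messages or of OpenSSH's own documentation: one way to wire up the `ssh -W` under inetd construction from the quoted reply so that the passwordless key can open only that one forward. The account name `fwd`, the key path, listen port 2525, destination port 25 and the `/bin/false` path are constructed placeholders, and the `address:port` service field assumes an inetd that accepts it (OpenBSD's does).

```conf
# --- client: /etc/inetd.conf (constructed entry, one line) ---
# Listen on loopback only. inetd starts one ssh per accepted TCP connection
# and hands it the socket as stdin/stdout, which -W relays to the target.
127.0.0.1:2525 stream tcp nowait fwd /usr/bin/ssh ssh -F /home/fwd/.ssh/config -W destinationhost:25 intermediatehost

# --- client: /home/fwd/.ssh/config ---
Host intermediatehost
    User fwd
    IdentityFile /home/fwd/.ssh/id_ed25519_fwd
    # Offer only the dedicated key, never whatever an agent holds.
    IdentitiesOnly yes
    # There is no terminal under inetd, so fail instead of prompting.
    BatchMode yes
    # The host key must already be in known_hosts; do not trust a new one.
    StrictHostKeyChecking yes

# --- intermediatehost: ~fwd/.ssh/authorized_keys (one line) ---
# restrict turns off pty allocation, agent and X11 forwarding, ~/.ssh/rc and
# port forwarding; port-forwarding turns forwarding back on, and permitopen
# limits it to the one target (matched literally against the name the client
# requests). command= keeps the key from running anything if a session is
# requested; -W never requests one.
restrict,port-forwarding,permitopen="destinationhost:25",command="/bin/false" ssh-ed25519 AAAA...PLACEHOLDER fwd@client
```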