Port forwarding feature suggestion: bind to port 0

Yaniv Aknin yaniv at aknin.name
Sat Aug 2 20:34:29 EST 2008


Hi,

Sometimes it's desirable to bind a port forward to port 0: especially when
scripting port forwarding, and more especially so with the '-f -N' options.

The version of OpenSSH bundled with OSX (4.7p1) accepts '-L 0:192.168.1.1:22',
but only if run as root (I guess this was more an accident than a feature).
I saw that the current version (5.1p1) will decline such an option, saying
'Bad local forwarding specification'.

I think that's a shame and would like to suggest a feature that would
further ease port forwarding; namely, not only allow port 0 forwarding, but
also have ssh automagically get the chosen port number from the kernel with
getsockname and print it out.

It's debatable whether it's worthwhile to add a new option that will make
the printout easily machine parseable (say, '-P', and then the only output
would be the string representation of the socket, with no further text).

The exact same should be done with remote port forwarding.

I guess this would be a trivial change for anyone with any OpenSSH hacking,
but if the list would accept this feature and no one would like to jot it
while munching morning cereals or something, I'll be happy to code it and
submit a diff.

 - Yaniv

A bit off topic, but I have to say this:
I'm an avid fan (and a humble recurring donator...) of OpenSSH for years
now, I think when combining all the metrics of good software, it's one of
the best on the planet. Thank you to all submitters wherever you are.
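
The mechanism proposed above, as an added example (not part of the original message and not OpenSSH code): bind a loopback listener to port 0, read the kernel-chosen port back with getsockname, and emit only the socket's string form. The helper name listen_ephemeral and the address:port output format are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper (not OpenSSH code): listen on 127.0.0.1 port 0 so the
 * kernel picks a free port, then read the choice back with getsockname().
 * Writes "address:port" into buf. Returns the listening fd, or -1 on error. */
int listen_ephemeral(char *buf, size_t n)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof(sa);
    char addr[INET_ADDRSTRLEN];
    int fd = socket(AF_INET, SOCK_STREAM, 0);

    if (fd < 0)
        return -1;
    memset(&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK); /* loopback only */
    sa.sin_port = htons(0);                      /* 0: kernel chooses */
    if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0 ||
        listen(fd, 16) < 0 ||
        getsockname(fd, (struct sockaddr *)&sa, &len) < 0 ||
        inet_ntop(AF_INET, &sa.sin_addr, addr, sizeof(addr)) == NULL) {
        close(fd);
        return -1;
    }
    /* Machine-parseable: the socket's string form and nothing else. */
    snprintf(buf, n, "%s:%u", addr, (unsigned)ntohs(sa.sin_port));
    return fd;
}

int main(void)
{
    char line[64];
    int fd = listen_ephemeral(line, sizeof(line));

    if (fd < 0) {
        perror("listen_ephemeral");
        return 1;
    }
    puts(line); /* a wrapper script reads this one line to learn the port */
    close(fd);
    return 0;
}
```

Because the kernel assigns the port at bind time, a script using this pattern never has to guess a free port and then race another process for it.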

