Darren Tucker dtucker at
Tue Jan 17 09:20:52 AEDT 2017

On Tue, Jan 17, 2017 at 1:30 AM, Romain Vimont <rom at> wrote:
> As a consequence, in particular, a SOCKS5 server started with "ssh -D"
> cannot proxify UDP packets.
> Are there deep reasons why OpenSSH does not implement them (security, or
> whatever)?

ssh -D accepts SOCKS CONNECT requests and maps them to SSH
"direct-tcpip" requests (see RFC4254 section 7.2).  These are only
defined for TCP, there's no equivalent for UDP.

Darren Tucker (dtucker at
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list