Hi!

Some vnc clients have a '-via ssh_gateway' option to simplify the setup of ssh port forwarding. Basically the option implements the following 3 steps:

1. Find local port available for listening.
2. Fork/exec ssh -L found_port:vnc_host:vnc_port ssh_gateway sleep some_delay
3. Connect to the found_port

Although convenient the setup has its problems. First, it exposes the remote vnc port for everybody on the localhost for the duration of some_delay. Second it can cause connection at step 3 to fail if it would take a long time for ssh to setup the forwarding.

Now all this can be avoided if vnc would simply use stdin/out from ssh as a communication channel and make sure that ssh would forward the remote port to it.

Currently I did it using netpipes, http://web.purplefrog.com/~thoth/netpipes/netpipes.html , but it does not seem right to execute an additional process copying megabytes of tcp traffic from vncserver to stdin/out just so ssh can forward it one more time.

So it would be nice if ssh can forward a port to stdin/out on its own. AFAICS for ssh2 it would require to modify only ssh client, right?

Regards, Igor

Igor Bukanov wrote:
> Although convenient the setup has its problems. First, it exposes the
> remote vnc port for everybody on the localhost for the duration of
> some_delay. Second it can cause connection at step 3 to fail if it
> would take a long time for ssh to setup the forwarding.
>
> Now all this can be avoided if vnc would simply use stdin/out from ssh

I believe you are working around a lack of feature in sshd: sshd should be able to choose a free port and forward that port, but, as for now, it isn't.

I've been working on a patch against 4.0p1 for a while (see thread http://www.mindrot.org/pipermail/openssh-unix-dev/2005-March/022829.html and relative follow-ups) that would implement said feature, but it has been rightly rejected. Now I have to find the time to fix the bugs and recode the patch against latest CVS or against 4.1. I plan to work on it and have it approved within the end of June, but don't rely too much on that.

Lucio.

On 5/2/05, Lucio Crusca wrote:
> I believe you are working around a lack of feature in sshd: sshd should
> be able to choose a free port and forward that port, but, as for now, it
> isn't.

I do not think so. What I would like to do is to replace the current invocation (where hose is from http://web.purplefrog.com/~thoth/netpipes/hose.html):

    ssh remote_host hose localhost 5901 --netslave

by

    ssh -oForwardStdInAndOut=localhost/5901 remote_host

In this way a process (hose) that simply copies megabytes of vnc traffic would be eliminated, decreasing latency.

BTW, what would be a better name than ForwardStdInAndOut ?

Regards, Igor
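
Added example, not part of the thread and not code from OpenSSH or any VNC client: a loopback-only Python model of the two designs discussed above, showing that a '-via'-style local listener hands the forwarded VNC session to any local process, while a private stdin/out-style channel has no port to connect to. Threads stand in for ssh and vncserver; all function names and the banner are constructed for illustration.

```python
import socket
import threading

BANNER = b"RFB 003.008\n"  # constructed stand-in for the VNC server greeting

def start_backend():
    """Stand-in for vnc_host:vnc_port; returns the port it listens on."""
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        while True:
            conn, _ = srv.accept()
            with conn:
                conn.sendall(BANNER)
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def relay_once(client, backend_port):
    """Copy the backend's reply to one client, as the tunnel would."""
    with client, socket.create_connection(("127.0.0.1", backend_port)) as up:
        while chunk := up.recv(4096):
            client.sendall(chunk)

def via_style_forward(backend_port):
    """Model of steps 1-2: a loopback listener that serves whoever connects."""
    lst = socket.create_server(("127.0.0.1", 0))  # port 0: kernel picks a free port
    port = lst.getsockname()[1]
    def serve():
        while True:
            conn, _ = lst.accept()  # no check of which local user connected
            relay_once(conn, backend_port)
    threading.Thread(target=serve, daemon=True).start()
    return port

def stdio_style_forward(backend_port):
    """Model of the proposal: a private channel owned by the viewer, no listener."""
    ours, theirs = socket.socketpair()
    ours.settimeout(5)
    threading.Thread(target=relay_once, args=(theirs, backend_port), daemon=True).start()
    return ours

def read_all(sock):
    """Read until the peer closes the connection."""
    data = b""
    while chunk := sock.recv(4096):
        data += chunk
    return data

def unrelated_local_process_reads(port):
    """Models another local user connecting to the forwarded port."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as s:
        return read_all(s)
```

In the second design the only endpoint is the socket object returned to the caller, so reaching the session requires inheriting that descriptor rather than knowing a port number.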