Barnim Dzwillo
2021-Nov-30 16:23 UTC
[announce] user based ssh2proxy using the openssh libssh.a api
Hello, A sshproxy for the ssh2 protocol, which allows to select different ssh backend hosts based on the ssh username, is availabe here: https://github.com/bdzwillo/ssh2proxy The proxy implements the client-side and server-side connections using the api of the libssh.a provided by the openssh project. This allows the proxy code to stay in sync with openssh updates and bugfixes. Features: - the ssh2proxy allows users of multiple sshservers to access the ssh service through a single endpoint. - the proxy supports ssh2 password & pubkey authentication. - for public key authentication the ssh2proxy has to use a different authentication scheme for the backend connection. The current implementation allows to switch to hostbased authentication for the backend. - the backend host for each user can be configured in the sshproxy config file. For more complex setups it is possible to add a special switch module to the implementation. - to allow transparent operation for a client, the ssh2proxy has to use the same hostkeys as the backend ssh servers. With different hostkeys a client with existing known_hosts entries would notice the proxy as a man-in-the-middle. The current version is built on top of openssh-8.2p1. Perhaps this could be useful for some network setups. Thanks, Barnim -- Barnim Dzwillo STRATO AG, Pascalstrasse 10, 10587 Berlin Shared Hosting Development