openssh bugs - Feb 2015 - [Bug 2347] New: permitopen doesn't work with unix domain sockets

https://bugzilla.mindrot.org/show_bug.cgi?id=2347

            Bug ID: 2347
           Summary: permitopen doesn't work with unix domain sockets
           Product: Portable OpenSSH
           Version: 6.7p1
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: mail at mpopp.eu

Hi,

thank you for the 6.7 release and the nifty feature to support binding
remote tunnels to unix domain sockets.

Unfortunately the permitopen command doesn't support domain sockets as
well.

If I put the following in my /home/user/.ssh/authorized_keys file:
permitopen="/tmp/asdf" ssh-ed25519 AAAA...

I get the following error message:
Feb  1 19:20:54 client sshd[62063]: Bad options in
/home/user/.ssh/authorized_keys file, line 1:  ssh-ed25519 AAAA..

It would be great, if could have a look at the code and add support for
using unix domain sockets together with permitopen.

I have had a look at the code, but I couldn't provide a fix :-(

Regards

Marcus

P.S. Greetings Markus from your old fellow :-)

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2347

Marcus Popp <mail at mpopp.eu> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |DUPLICATE

--- Comment #1 from Marcus Popp <mail at mpopp.eu> ---


*** This bug has been marked as a duplicate of bug 2038 ***

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2347

Marcus Popp <mail at mpopp.eu> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|DUPLICATE                   |---
             Status|RESOLVED                    |REOPENED

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2347

openssh at funkthat.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |openssh at funkthat.com

--- Comment #2 from openssh at funkthat.com ---
Please implement this feature.  I tried to do this myself, but getting
testing and what looks like threading support through all the calls
that need it is too complicated for someone who doesn't know the code
base w/o possibly opening up a security hole.

The unix domain sockets feature is not completely w/o this.  For my use
case, w/o this support, there is no point is using this, and I'll be
looking at another tool.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2347

Jernej Jakob <jernej.jakob at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|6.7p1                       |9.3p1
                 CC|                            |jernej.jakob at gmail.com

-- 
You are receiving this mail because:
You are watching the assignee of the bug.