Brian J. Murrell
2010-Jan-22 16:50 UTC
moving X11 portforwarding out into a "plugin" framework
I think everyone will admit that X11 forwarding has been an incredible feature in [open]ssh. X11 is not the only local->remote protocol that might be useful across an SSH session however. But having to hack the code for new protocols as they come around seems silly. Wouldn't it be more useful to be able to describe a protocol that needs forwarding and some configuration that might need doing on each end outside of the source code? Then as new applications come along that could take advantage of port forward- ing can "plug in" to this system and get their protocols forwarded across X without having to hack the openssh code and push it upstream, etc. I would imagine on the local side, the ssh client would need to be able to forward into unix and ipv4/6 sockets and on the remote side one would need to be able to possibly create sockets and/or set environment variables, etc. Thots? b.
Brian J. Murrell wrote:> X11 is not the only local->remote protocol that might be useful > across an SSH session however.Besides TCP it's the only one specified by the standards though. //Peter
Damien Miller
2010-Jan-23 20:14 UTC
moving X11 portforwarding out into a "plugin" framework
On Fri, 22 Jan 2010, Brian J. Murrell wrote:> I think everyone will admit that X11 forwarding has been an incredible > feature in [open]ssh. X11 is not the only local->remote protocol that > might be useful across an SSH session however. > > But having to hack the code for new protocols as they come around > seems silly. Wouldn't it be more useful to be able to describe a > protocol that needs forwarding and some configuration that might need > doing on each end outside of the source code? > > Then as new applications come along that could take advantage of port > forward- ing can "plug in" to this system and get their protocols > forwarded across X without having to hack the openssh code and push it > upstream, etc. > > I would imagine on the local side, the ssh client would need to be > able to forward into unix and ipv4/6 sockets and on the remote side > one would need to be able to possibly create sockets and/or set > environment variables, etc.You should be able to do most of what you want using a Subsystem (see sshd_config) and a helper program on the client side. -d
Darren Tucker
2010-Jan-23 22:11 UTC
moving X11 portforwarding out into a " plugin" framework
Alex Bligh wrote:> Really? Is -w / tun device standardized? The only docs I could > find were in the source.tun is a vendor extension: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL?rev=HEAD -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.