OpenSSH-based socket forwarder

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

OpenSSH-based socket forwarder

Demi M. Obenour
I have found myself using OpenSSH for its forwarding abilities,
without actually using the remote shell feature.  In these cases, the
connection itself is over Xen shared memory, so I have no need for any
of the cryptography.

While allowing unencrypted SSH connections is obviously a bad
idea, I would be very interested in adding support for using SSH
as a pure forwarder, to allow forwarding sockets and X11 over an
already-established, secure channel.  While this is probably possible
with libssh, libssh2, or other libraries, OpenSSH’s excellent
security track-record makes it preferred here.

I suggest that ssh(1) and sshd(8) act as the client and server of
this protocol if invoked as forward-client(1) and forward-server(1),
respectively.  The protocol would be spoken over stdin/stdout.

Would there be any interest in this from the OpenSSH maintainers?
I have limited time, but would be willing to test patches.