On 27/05/15 01:22, Kasper Dupont wrote:
On 26/05/15 18.29, Daniel Kahn Gillmor wrote:
On Tue 2015-05-26 17:42:40 -0400, Kasper Dupont wrote:
But it does not address all my requirements. I have a
requirement that the hostname being used must be visible
to the administrator of the SSH server. And it must be
visible with minimal effort without requiring any software
changes on the server.
The patch you're sending is a software change :)
My requirements only said no software changes on the server.
It was clear to me very early on, that some changes were
needed on the client side.
Whether the client side changes can be done as a
ProxyCommand remains an open question. But it is certain
that a modification of the ssh client would cover all my
needs.
...with a modified server that acts as a proxy.
I need the proxy to communicate with an unmodified server.
And I need this communication to include the hostname for
the administrator of said server to see. Whether the
administrator would have to look in a logfile or a packet
capture in order to see the hostname is not important.
An unmodified *final server* or *proxy server*? The final server
would obviously work being unmodified. The proxy server could have
modifications or not (perhaps not being a ssh server at all).
And why do you need the server administrator (the administrator
of the proxy?) to see the hostname? (the proxy logs would contain it,
but placing the burden on getting the administrator see the hostname,
instead of the proxy obtaining it, is strange)
I believe that once I have an answer to how the proxy can
communicate the hostname to the server, then everything
else will follow.
Are you trying to solve a XY Problem ?
http://xyproblem.info/
I don't yet know a way to acheive my desired result using
just a ProxyCommand. But with the following change and a
ProxyCommand, I believe I would be able to achieve what I
am looking for.
You only need a command that is able to connect to hostname
"foo" over proxy "bar", and a proxy server of type "bar" installed
in the ipv4 bridging machine.
No changes to ssh binaries are needed.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev