On 15 January 2016 at 06:54, Thomas ☃ Habets <habets@xxxxxxxxxx> wrote: > >> * SSH with "-oTCPMD5=foobarSecret" > > Have you considered making this a stand-alone tool? Something that > > listens and execs sshd -i on the server side and could be used as a > > ProxyCommand on the client side. That'd be potentially usable by > > other services. > No I hadn't. Good idea. > > I think there may be some aspects you'd be missing out on (or > reimplement, or outsource to e.g. inetd), such as (account) password > brute force protection. I haven't tried it, but I suspect sshd -i > can't limit to 10 concurrent preauth sessions each getting one attempt > per second which sshd otherwise does by default. I've now made this and cleaned it up so that it's a usable start. https://github.com/google/tcpauth Pull requests welcome. -- ☢ Thomas ☢ _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
