Am Do, 22. Feb 2018, 11:53:52 +1100 schrieb Damien Miller:
> On Wed, 21 Feb 2018, Jö Fahlke wrote:
> > Good point, I did not check that before, so I tried now (with tsocks on Debian
> > stretch and the "ssh -D" socks port on a random port on localhost) and got
> > mixed results. Generally, anything name-lookup related does not seem to work
> > and I have to use IP addresses.
>
> Yeah, IMO it would be better to write a small userspace NAT helper e.g.
> using IPPROTO_DIVERT that proxied things via SOCKS (assuming someone
> hasn't already done this).
Although dante's socksify does some trickery to support name lookup. They
seem to make up an IP address for each requested name and keep a database of
those around. Works well enough for firefox.
Here is how that looks like:
======================================================================
joe@paranoia:~$ SOCKS5_SERVER=127.0.0.1:7778 socksify getent hosts sky-bmc
epic-bmc
0.0.0.1 sky-bmc
0.0.0.2 epic-bmc
joe@paranoia:~$ SOCKS5_SERVER=127.0.0.1:7778 socksify ssh epic-bmc
The authenticity of host 'epic-bmc (0.0.0.1)' can't be established.
RSA key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
Are you sure you want to continue connecting (yes/no)? ^C
======================================================================
Regards,
Jö.
--
Jorrit (Jö) Fahlke, Institute for Computational und Applied Mathematics,
University of Münster, Orleans-Ring 10, D-48149 Münster
Tel: +49 251 83 35146 Fax: +49 251 83 32729
Spaß mit I18N. Hier StumpWM/clisp:
WARNUNG: DEFUN/DEFMACRO(GET-WM-CLASS): #<PACKAGE XLIB> ist abgeschlossen.
Das Schloss umgehen und weitermachen.
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
