Am Do, 22. Feb 2018, 11:53:52 +1100 schrieb Damien Miller: > On Wed, 21 Feb 2018, Jö Fahlke wrote: > > Good point, I did not check that before, so I tried now (with tsocks on Debian > > stretch and the "ssh -D" socks port on a random port on localhost) and got > > mixed results. Generally, anything name-lookup related does not seem to work > > and I have to use IP addresses. > > Yeah, IMO it would be better to write a small userspace NAT helper e.g. > using IPPROTO_DIVERT that proxied things via SOCKS (assuming someone > hasn't already done this). Although dante's socksify does some trickery to support name lookup. They seem to make up an IP address for each requested name and keep a database of those around. Works well enough for firefox. Here is how that looks like: ====================================================================== joe@paranoia:~$ SOCKS5_SERVER=127.0.0.1:7778 socksify getent hosts sky-bmc epic-bmc 0.0.0.1 sky-bmc 0.0.0.2 epic-bmc joe@paranoia:~$ SOCKS5_SERVER=127.0.0.1:7778 socksify ssh epic-bmc The authenticity of host 'epic-bmc (0.0.0.1)' can't be established. RSA key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. Are you sure you want to continue connecting (yes/no)? ^C ====================================================================== Regards, Jö. -- Jorrit (Jö) Fahlke, Institute for Computational und Applied Mathematics, University of Münster, Orleans-Ring 10, D-48149 Münster Tel: +49 251 83 35146 Fax: +49 251 83 32729 Spaß mit I18N. Hier StumpWM/clisp: WARNUNG: DEFUN/DEFMACRO(GET-WM-CLASS): #<PACKAGE XLIB> ist abgeschlossen. Das Schloss umgehen und weitermachen.
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev