Take a look at MOSH it uses UDP and AES-OCB to provide SSH over UDP, though it's for terminal access on unreliable networks that change IP addresses like wireless / wifi / cell networks. On 12 July 2018 at 01:05, Stef Bon <stefbon@xxxxxxxxx> wrote: > Thanks a lot for your feedback. > > David, I'm not suggesting to change openssh, and be suprised and upset > when pacthes are not acccepted. > That's not my style, I'm informing about the ability to make openssh > work with udp (without any patches). > > I'm working on a project which offers automatic access to users to > fileservices like smb,nfs and sftp using avahi for detection and fuse. > And I wrote my own > ssh and sftp clients. The simple public key auth works (serverkey in > ~/.ssh/known_hosts and users public key in ~/.ssh/authorized_keys on > server ) I'm testing openssh certificates and wanting to make it work > with yubikey and nitrokey. I'm also very interested in making this > work with centralized adiminstration. > Some months ago there was an very interesting discussion about this, > with usefull links. > > So UDP has some disadvantages cause it does not have the confirmation > a package is received TCP has. > Building something myself for the client is not a problem. But the > server is another thing. It has to allow > the client to open another connection over UDP. Extensions have to be > used here for the client to discover the server supports it. > > A counter administration has to be used apart from the existing > counter mechanism for the session over TCP. > It looks a good idea to only use this "UDP channel" for bigger data > like reading and writing files, not for every sftp command. > I'm just thinking outloud, not suggesting anything. > > Stef Bon > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
