Re: Adding SNI support to SSH

On 12/01/2020 15:39, Nico Schottelius wrote:
>
> Hey Thorsten,
>
> you might have misunderstood me. The purpose of my request was to enable
> transition towards IPv6 networks. Concretely, the following scenario:
>
>
> [ v4 Internet ]
>         |
> [ v4 to v6proxy ]----------------------------
>         |                |                 |
> [v6 only host 1] [v6 only host 2] [v6 only host 3]
>         |                |                 |
> [ v6 Internet ]----------------------------
>
> If we had any possibility to support this scenario, a lot of services
> that we see could be shifted to IPv6 only hosts today and not tomorrow.
>
> The "migrate everyone at once" approach really doesn't work in real
> life, you need to have either network providers or content providers do
> a start. And at this point a lot of things can already be shifted to
> IPv6 only machines while still being accessible from the legacy Internet.
>
> Besides ssh.
>
> Let me rephrase my original question, I don't actually want SNI:
>
> Is there any way to create a multiplexing proxy for SSH?

FWIW a provider called Mythic Beasts[0] seem to have much the same issue as you. They provide IPv6-only servers and need to provide ssh access to them over IPv4. What they do is multiplex based on port number. For example, to ssh to one server I run:

ssh -p 5167 root@ssh.monit_test.hostedpi.com

and to another I run:

ssh -p 5161 root@xxxxxxxxxxxxxxxxxxxxx

It's not quite as slick as automatically routing based on the domain used for access but does the trick well enough for them and is used in production.

[0]: mythic-beasts.com
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
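
The port-based multiplexing described in the reply above, as an added example (not code from the thread, from Mythic Beasts, or from OpenSSH): a small TCP relay that maps each IPv4 listen port to one IPv6-only backend. The two listen ports reuse the numbers from the message; the 2001:db8:: backend addresses and the names ROUTES and start_proxy are constructed for this sketch.

```python
import asyncio

# Constructed mapping: public IPv4 listen port -> IPv6-only backend sshd.
# Ports follow the style of the post; addresses are RFC 3849 documentation values.
ROUTES = [
    (5161, "2001:db8::1", 22),
    (5167, "2001:db8::2", 22),
]

async def _pump(reader, writer):
    """Copy bytes one way until EOF or error, then close the write side."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except ConnectionError:
        pass
    finally:
        writer.close()

def _handler(host, port):
    async def handle(c_reader, c_writer):
        peer = c_writer.get_extra_info("peername")
        try:
            b_reader, b_writer = await asyncio.wait_for(
                asyncio.open_connection(host, port), timeout=10)
        except (OSError, asyncio.TimeoutError):
            c_writer.close()  # backend unreachable: drop the client
            return
        # The backend sshd only sees the relay's address, so record the real peer here.
        print(f"{peer} -> [{host}]:{port}")
        await asyncio.gather(_pump(c_reader, b_writer), _pump(b_reader, c_writer))
    return handle

async def start_proxy(routes, bind="0.0.0.0"):
    """Start one listener per (listen_port, host, port) route; return the servers."""
    return [await asyncio.start_server(_handler(h, p), bind, lp)
            for lp, h, p in routes]

async def main():
    servers = await start_proxy(ROUTES)
    await asyncio.gather(*(s.serve_forever() for s in servers))

if __name__ == "__main__":
    asyncio.run(main())
```

The relay forwards bytes untouched, so SSH host key verification still happens end to end between the client and the backend. Source-address controls on the backends (sshd logs, rate limiting, allow lists) see only the relay, which is why the relay logs the client address itself.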


