Hi Anand, Anand Buddhdev wrote: > am unable to extend openssh in any way. If I could, I would. That last part made me think about this some more. I understand that to mean that you do in fact have control over at least all clients? >From your original mail I understood that you do not have control over all proxy hosts. Correct? > For now, I think my best option is to keep using netcat (nc) on the proxy Where nc is available that's all right. For when nc is not available, and assuming that you have control over all clients and would use a patched OpenSSH client please answer if it would be acceptable for the client (as opposed to the proxy, which is what currently happens) to resolve your destination host name? If yes, that would allow a (neat?) hack where the client would resolve the name and could then open "direct-tcpip" channels for all address, with some interval or why not all at once, and whatever comes back successfully connected first will get used. The drawback is that losing channels need to be closed if they come back successful, but I think that may be manageable. //Peter _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
