> I think the hacks mentioned in the thread "disabling of TCP forwarding
> ineffective?" are not a sufficient solution, because:
>
> - netcat works as a one shot server, but a continual server is needed
> - a SOCKS interface is needed rather than just a simple port
> forwarding
I think I've found that solution. I start that on LH ...
... and LH becomes a SOCKS4 server through the SSH tunnel, even if TCP
forwarding is disabled.
(Needs socat <http://www.dest-unreach.org/socat/> and
delegated <http://www.delegate.org/delegate/>.)
- It's no longer a one shot server due to the capabilities of socat
(replaces netcat).
- Starting ssh for every new server connection is not necessarily as
ineffective as it sounds to be. Just make them slave connections by
configuring in ~/.ssh/config:
Host REMOTEHOST
ControlMaster auto
ControlPath ~/.ssh/controls/%r@%h:%p
Regards
Thomas
--
Don't you wish you had more energy... or less ambition?
> I think the hacks mentioned in the thread "disabling of TCP forwarding
> ineffective?" are not a sufficient solution, because:
>
> - netcat works as a one shot server, but a continual server is needed
> - a SOCKS interface is needed rather than just a simple port
> forwarding
I think I've found that solution. I start that on LH ...
socat TCP4-LISTEN:45600,reuseaddr,fork EXEC:'ssh -e none REMOTEHOST delegated -f SERVER=socks4'
... and LH becomes a SOCKS4 server through the SSH tunnel, even if TCP
forwarding is disabled.
(Needs socat <http://www.dest-unreach.org/socat/> and
delegated <http://www.delegate.org/delegate/>.)
- It's no longer a one shot server due to the capabilities of socat
(replaces netcat).
- Starting ssh for every new server connection is not necessarily as
ineffective as it sounds to be. Just make them slave connections by
configuring in ~/.ssh/config:
Host REMOTEHOST
ControlMaster auto
ControlPath ~/.ssh/controls/%r@%h:%p
Regards
Thomas
--
Don't you wish you had more energy... or less ambition?
[ reply ]