Secure Shell UNIX domain socket redirection to Proposed Standard
lauri <lauri.vosandi@gmail.com> Tue, 14 December 2010 20:01 UTC
Return-Path: <lauri.vosandi@gmail.com>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 21AA528C102 for <ietf@core3.amsl.com>; Tue, 14 Dec 2010 12:01:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.152
X-Spam-Level:
X-Spam-Status: No, score=-3.152 tagged_above=-999 required=5 tests=[AWL=0.447, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dVvOkDVHregU for <ietf@core3.amsl.com>; Tue, 14 Dec 2010 12:01:31 -0800 (PST)
Received: from mail-iw0-f172.google.com (mail-iw0-f172.google.com [209.85.214.172]) by core3.amsl.com (Postfix) with ESMTP id DCAFB28C0F0 for <ietf@ietf.org>; Tue, 14 Dec 2010 12:01:30 -0800 (PST)
Received: by iwn40 with SMTP id 40so1230018iwn.31 for <ietf@ietf.org>; Tue, 14 Dec 2010 12:03:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=n1uhTUqm7UIIM3ZBRAg/ZkGN1+FLcOrREHY8Q5BFiv8=; b=gHMg/H3hXKEhywljs5g9QeRTfLlfyM50IVvOVe7np2727yg+j9MmcOgMwYnqSEIxFk T9bFK4A5pu98GrxMuoTwSkIS3EuZwZJ6Mf6yUGnYWYQWbfRSTHEgdQTrL0uZRW9KVKSt nV3/CvVtHSlHboIbAADOW7kFksTmues13x9to=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=f1+Suz42yg9XZ8oVzz9mrV7VKpuHxPIeIWRACqI/iiW6AOS7NKakyY4Quqk3gEa/Zk oRjNy5f6g+dJdb9gX9uuUmtYVFnfPm/5hGeXiVCF+OgLATeiX9Ysi5kkzPPMNMSGaAb5 +b2EkQzCuchw7ooO3WWSgs42r4vIdvp0XmNEg=
MIME-Version: 1.0
Received: by 10.231.17.205 with SMTP id t13mr3807379iba.80.1292356991369; Tue, 14 Dec 2010 12:03:11 -0800 (PST)
Received: by 10.231.39.131 with HTTP; Tue, 14 Dec 2010 12:03:11 -0800 (PST)
In-Reply-To: <AANLkTi=MmbBxKoUkN2qgr_++FcWQ+ZgwEhiKeUCDBYnU@mail.gmail.com>
References: <AANLkTi=MmbBxKoUkN2qgr_++FcWQ+ZgwEhiKeUCDBYnU@mail.gmail.com>
Date: Tue, 14 Dec 2010 22:03:11 +0200
Message-ID: <AANLkTin73Sja0VZrsvw=Zv2sCpY4ns+yt6LKOiz7Xg1w@mail.gmail.com>
Subject: Secure Shell UNIX domain socket redirection to Proposed Standard
From: lauri <lauri.vosandi@gmail.com>
To: ietf@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Dec 2010 20:01:32 -0000
Good evening, on GNU/Linux boxes there are many services which use UNIX domain sockets for inter-process communication. Most of them also support TCP sockets, but that needs additional code for authentication. There used to be streamlocal patch which implemented UNIX domain socket redirection for OpenSSH but now it seems to be dead: http://www.25thandclement.com/~william/projects/streamlocal.html Generally I think it would be good idea to have UNIX domain socket redirection in Secure Shell standard because the difference between TCP/IP redirection code and the one used for UNIX domain sockets is minor. The feature would benefit many LTSP deployments and other installations aswell. Blogpost related to the lack of UNIX domain socket redirection in Secure Shell standard can be found here: http://v6sa.wordpress.com/2010/12/01/gnulinux-based-terminal-servers-with-smartcard-support/ -- Lauri Võsandi tel: +372 53329412 e-mail: lauri.vosandi@gmail.com company: Povi Software OÜ (http://www.povi.ee) blog: http://v6sa.wordpress.com/