Secure Shell UNIX domain socket redirection to Proposed Standard

lauri <lauri.vosandi@gmail.com> Mon, 13 December 2010 23:46 UTC

Return-Path: <lauri.vosandi@gmail.com>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 28D033A6E13 for <ietf@core3.amsl.com>; Mon, 13 Dec 2010 15:46:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xxQRg3OPm-cV for <ietf@core3.amsl.com>; Mon, 13 Dec 2010 15:46:44 -0800 (PST)
Received: from mail-iy0-f172.google.com (mail-iy0-f172.google.com [209.85.210.172]) by core3.amsl.com (Postfix) with ESMTP id 0C1FE3A6DFA for <ietf@ietf.org>; Mon, 13 Dec 2010 15:46:43 -0800 (PST)
Received: by iyi42 with SMTP id 42so20788iyi.31 for <ietf@ietf.org>; Mon, 13 Dec 2010 15:48:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type:content-transfer-encoding; bh=n1uhTUqm7UIIM3ZBRAg/ZkGN1+FLcOrREHY8Q5BFiv8=; b=eyqGZDyDt8SofTQo1c/kNM2UraM0TQfvpFVd800eu5zb+vc4sI5IQ5adJDNVptX0gy lNUrUxoENd2IcYrXDJwrDg1vXfZOSN2/BxHKmjEz+hdyKWBMtAXyiNdqVMOWiJHJLtNO vpB4NOLZUv0i6PpdRlQ8ZzJRKGv6MCcwBQvoQ=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=qY5SllQspWxOrPu+xDU4fcQGa3W4r9rqRpo31P8hNJUcrGTLkPMC5VGrvWo7ABDHJx s18ZrF64gqYh3plPLj6KFYeUdB7+jRVWy7VWoUPw7bCZorsjx3Z759Rvb+WnrKfHaoae Rw4tR/qJNxlJtjhR7Ksu8TUtK+fxEls4SAA+c=
MIME-Version: 1.0
Received: by 10.231.37.197 with SMTP id y5mr2481876ibd.180.1292284101975; Mon, 13 Dec 2010 15:48:21 -0800 (PST)
Received: by 10.231.39.131 with HTTP; Mon, 13 Dec 2010 15:48:21 -0800 (PST)
Date: Tue, 14 Dec 2010 01:48:21 +0200
Message-ID: <AANLkTi=MmbBxKoUkN2qgr_++FcWQ+ZgwEhiKeUCDBYnU@mail.gmail.com>
Subject: Secure Shell UNIX domain socket redirection to Proposed Standard
From: lauri <lauri.vosandi@gmail.com>
To: ietf@ietf.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Mailman-Approved-At: Wed, 15 Dec 2010 10:12:49 -0800
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Dec 2010 23:48:05 -0000

Good evening,

on GNU/Linux boxes there are many services which use UNIX domain
sockets for inter-process communication. Most of them also support TCP
sockets, but that needs additional code for authentication.

There used to be streamlocal patch which implemented UNIX domain
socket redirection for OpenSSH but now it seems to be dead:
http://www.25thandclement.com/~william/projects/streamlocal.html

Generally I think it would be good idea to have UNIX domain socket
redirection in Secure Shell standard because the difference between
TCP/IP redirection code and the one used for UNIX domain sockets is
minor. The feature would benefit many LTSP deployments and other
installations aswell.

Blogpost related to the lack of UNIX domain socket redirection in
Secure Shell standard can be found here:
http://v6sa.wordpress.com/2010/12/01/gnulinux-based-terminal-servers-with-smartcard-support/

-- 
Lauri Võsandi
tel: +372 53329412
e-mail: lauri.vosandi@gmail.com
company: Povi Software OÜ (http://www.povi.ee)
blog: http://v6sa.wordpress.com/