SSH virtual hosts (RE: [rescue] an idea...)

George Adkins rescue at sunhelp.org
Wed Jan 2 20:42:27 CST 2002


> What you're discussing would really require changes to the
> current SSH protocol(s), and IMHO is unlikely to ever happen.

heh, OSI layer 9 and 10, eh? (political and religious layers)

> If you tried to add virtual hosts to SSH, you would similarly
> need to pass the "who am I looking for" info *before* the
> SSHd could decide which host key to present as its credentials,
> and therefore before the crypto session was fully initialized.
> Sort of a chicken-and-egg problem.
>

A better approach might be to have the gateway software simply process the
"who are you looking for" part, and redirect the ssh connection to the right
target as it comes through.

Maybe something like:
client connects to the gateway server
client passes destination hostname to the server
server returns port number and establishes forwarding map
client calls ssh to connect to the gateway on specified port
gateway forwards connection to destination host on port 22
destination host responds and connection is established
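
The gateway side of the steps listed above, as an added example that is not part of the original post. The names Gateway, request and pump, the allow-list of backends, and collapsing the "client passes destination hostname" exchange into a method call are all assumptions made for illustration.

```python
import socket
import threading

class Gateway:
    """Toy gateway: maps a requested hostname to a dedicated listening port."""

    def __init__(self, backends, bind_addr="127.0.0.1"):
        self.backends = dict(backends)  # allow-list: hostname -> (addr, port)
        self.bind_addr = bind_addr
        self.port_map = {}              # forwarding map: hostname -> gateway port
        self.lock = threading.Lock()

    def request(self, hostname):
        """Client names a destination; gateway returns the port to ssh to."""
        if hostname not in self.backends:
            # Refuse names outside the allow-list so the gateway is not an open relay.
            raise KeyError(f"unknown destination: {hostname!r}")
        with self.lock:
            if hostname not in self.port_map:
                lsock = socket.socket()
                lsock.bind((self.bind_addr, 0))   # port 0: kernel picks a free port
                lsock.listen()
                self.port_map[hostname] = lsock.getsockname()[1]
                threading.Thread(target=self._accept, args=(lsock, hostname),
                                 daemon=True).start()
            return self.port_map[hostname]

    def _accept(self, lsock, hostname):
        while True:
            client, _ = lsock.accept()
            try:
                upstream = socket.create_connection(self.backends[hostname], timeout=5)
            except OSError:
                client.close()
                continue
            upstream.settimeout(None)
            # Raw TCP relay in both directions: the SSH handshake, including the
            # host key, passes through untouched from the destination's sshd.
            for src, dst in ((client, upstream), (upstream, client)):
                threading.Thread(target=pump, args=(src, dst), daemon=True).start()

def pump(src, dst):
    try:
        while data := src.recv(4096):
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)  # propagate EOF to the other side
        except OSError:
            pass
```

Because the relay is byte-for-byte, the client still sees the destination's own host key; OpenSSH records it in known_hosts under `[gateway]:port` rather than under the destination's name.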


