IETF-SSH archive

Re: Small modification to allow application proxies




On Mon, 6 Aug 2001, Bill Sommerfeld wrote:

> It's not clear to me why it would be necessary to change servers this
> way; 

Actually it isn't, you are right. The essence of my proposal can be
entirely met by modifying the client. Right now it is only the server
which can send extra information after the version string. If a client
wants to pass on meta-info of some sort it can't, unless it is with a
limited bodge in the comment string. 

It would be very nice if a standard ssh client could be used from any
platform to connect to such an application-layer proxy without any
additional infrastructure, just as any web browser can connect to a
virtual web server because the protocol passes information about which
host is requested.

However this would mean that if a client chose to send this information
every time by default (on the off-chance that it might be an application
proxy that it was connecting to) then any non-proxies would reject the
connection attempt because of extraneous data. Maybe that is a good thing.

I'll submit my implementation to the appropriate place and see what they
say. 

> an application-layer proxy which required the client to prefix
> the connection with some sort of control message could strip the
> prefix from the stream before forwarding the rest to the eventual
> destination, leaving the protocol, as seen on the outside of the
> application proxy, unchanged.

Thus creating a client (or a mode of a client, such as I proposed) that
would only work with a proxy. That's ok I guess.

--
Dan Shearer
Open Source Manager
Mob: +61 411 49 1800
Tel: +61 8 8130 3104
dan%tellurian.com.au@localhost
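
The trade-off discussed in this message, as an added Python example that is not part of the original post or of any SSH implementation: a strict endpoint rejects client data sent ahead of the version string (RFC 4253 allows such extra lines only from the server), while a proxy consumes one control line and forwards the rest unchanged. The `TARGET host:port` control-line format, the function names and the sample bytes are assumptions made for illustration.

```python
# Added illustration. The "TARGET host:port" control line is a hypothetical
# format; the thread does not define one.
MAX_LINE = 255            # RFC 4253 identification-line limit (incl. CR LF),
                          # applied here to every line for simplicity
MAX_PREAMBLE_LINES = 16   # arbitrary cap chosen for this sketch

# Constructed sample: what a "proxy-mode" client would put on the wire.
SAMPLE_CLIENT_STREAM = b"TARGET host.example:22\r\nSSH-2.0-client_1.0\r\n"


def split_line(buf):
    """Return (line_without_eol, rest); raise if no complete, bounded line."""
    end = buf.find(b"\n")
    if end < 0 or end + 1 > MAX_LINE:
        raise ValueError("missing or over-long line")
    return buf[:end].rstrip(b"\r"), buf[end + 1:]


def read_identification(buf, peer_is_server):
    """Parse one peer's identification; returns (version, preamble, rest).

    Lines ahead of "SSH-" are tolerated only from a server, so a client
    that sends a proxy prefix to a non-proxy is rejected here.
    """
    preamble = []
    while True:
        line, buf = split_line(buf)
        if line.startswith(b"SSH-"):
            return line, preamble, buf
        if not peer_is_server:
            raise ValueError("extraneous data before client version string")
        preamble.append(line)
        if len(preamble) > MAX_PREAMBLE_LINES:
            raise ValueError("too many preamble lines")


def proxy_strip_prefix(buf):
    """Proxy side: consume the control line; returns ((host, port), rest).

    `rest` is what gets forwarded, so the destination sees plain SSH.
    """
    line, rest = split_line(buf)
    keyword, _, dest = line.partition(b" ")
    host, _, port = dest.rpartition(b":")
    if keyword != b"TARGET" or not host or not port.isdigit():
        raise ValueError("malformed control line")
    if not 0 < int(port) < 65536:
        raise ValueError("port out of range")
    return (host.decode("ascii"), int(port)), rest
```

A real proxy would also check the requested host and port against an allow-list before connecting, since the control line is unauthenticated client input.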



