Re: [saag] draft-kwatsen-reverse-ssh submission for review

[Joe Touch <touch%isi.edu@localhost>]

On 5/12/2011 6:01 PM, Kent Watsen wrote:
> > Any clue what port they're using for this? There doesn't appear to be
> > one currently allocated.
>
> Juniper is using port 7104, I think, but there is no need to
> maintain that compatibility since the message format presented in
> this submission is not backward compatible with their's. For
> instance, Juniper's existing format only supports one host-key,
> whereas this this proposal supports all the host-keys the SSH server
> has.

Understood; I was asking because it sounded like Juniper was using a 
port they hadn't registered ;-( That should be fixed...

> > Also, there are separate ports for SSH (22) and netconf over SSH
> > (830) - does this mean this proposal would need a reverse port for
> > every SSH-based service?
>
> No, this submission only asks IANA to assign a single port, to
> bootstrap the SSH protocol. Once the SSH session is up, the SSH client
> can open any number of SSH channels for tty, sftp, netconf,
> port-forwarding, etc.

Netconf over ssh uses a different port, as noted above.

> This solution is NOT expected to work with a standard 'ssh' client.
> The reason for why the SSH server has been configure to connect to the
> SSH client is domain specific. The expectation is that a custom
> application is developed (using standard SSH client libraries) for the
> purpose.

What's the reason for not solving this by having the client just listen 
on the SSH server port?

Joe