lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed Jun 21 02:07:53 2006 From: psz at maths.usyd.edu.au (Paul Szabo) Subject: dns tunneling with win32 client / ProxyCommand Stefan, >> I do not think putty has any proxying capabilities. Have a look at >> >> http://www.maths.usyd.edu.au/u/psz/ssh-with-skey >> >> which does essentially what you want: instead of invoking the proxy from >> within ssh/putty, have the proxy invoke ssh/putty. ... > > PUTTY supports using remote proxy but it doesn't support any proxy > command like calling a file as proxy. > That's the method you use to establish ssh tunnel over dns. You invoke > ssh but instruct it to use droute.pl to tunnel/route ssh connection > over dns packets to destination > (http://www.doxpara.com/ozymandns_src_0.1.tgz). > > So i can't follow what's the whole purpose to let proxy invoke ssh. > (you must use droute.pl for establishing dns tunnel). Please explain. > :) You want ssh not to open the communication channel by itself (normally to server:22), but have droute do the communicating. With UNIX (or cygwin) you can use ProxyCommand to achieve what you want. However there is no ProxyCommand on putty... So what you do, is to make droute communicate "out" the way you want, and also make it listen/accept an "incoming" connection e.g. on localhost:1234; then tell putty to connect to localhost:1234 as the server. Your communication will go through droute as you wanted. To make things "simple", you do not manually start "fancy droute" and then putty, but get your "fancy droute" to start putty once it is ready to accept a connection. In the ProxyCommand case, you have ssh invoking droute: ssh talks to droute which talks to remote server. What I propose is to have droute start, then later have putty started, possibly from within droute: droute talks to remote server and to putty; in effect putty talks to droute which talks to remote server, same as before. Is this clear enough now? (I often wonder if I am able to express myself clearly: I thought this was documented in ssh-with-skey...) Cheers, Paul Paul Szabo psz@...hs.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia
Powered by blists - more mailing lists