
Opened 8 years ago

Closed 7 years ago

#17 closed enhancement (wontfix)

allow a chain of SSH hosts

Reported by: Antoine Martin Owned by: Antoine Martin
Priority: major Milestone: 0.2
Component: client Version:
Keywords: Cc:

Description

Received this patch from Philip Marek.

This can be applied once tested, and since I have no need for it, no rush to test it. Feel free to test and provide a +1 and I'll apply it.

Attachments (1)

xpra-multi-hosts.patch (998 bytes) - added by Antoine Martin 8 years ago.


Change History (7)

Changed 8 years ago by Antoine Martin

Attachment: xpra-multi-hosts.patch added

comment:1 Changed 8 years ago by Timo Juhani Lindfors

If I read the patch correctly this effectively does

ssh -T host1 ssh -T host2 ... ssh -T hostN xpra_proxy ...

This is not very secure. It lets hosts 1 .. (N-1) see your traffic and your passwords (if you use password authentication). My ~/.ssh/config has

Host host2
 ProxyCommand ssh host1 netcat %h %p

which allows me to simply do "ssh host2". In this setup host1 will only see encrypted traffic.

Last edited 8 years ago by Antoine Martin
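The ProxyCommand setup in the comment above generalises to any number of hops: each host's stanza tells ssh to reach it through the previous one, and because the proxying ssh reads the same config, the chain resolves recursively. The helper below is an added example (not part of the ticket, the attached patch, or xpra) that writes such a config fragment for a list of hosts. It substitutes OpenSSH's built-in `ssh -W %h:%p` for the `netcat %h %p` in the comment, so the intermediate hops need no netcat binary; the hostnames are whatever you pass in. As in the two-host case, every hop except the last sees only ciphertext, and password prompts go straight to the final host.

```shell
#!/bin/sh
# chain_config host1 host2 ... hostN
# Prints ~/.ssh/config stanzas so that "ssh hostN" is tunnelled
# hostN -> host(N-1) -> ... -> host1, end-to-end encrypted.
# host1 gets no stanza: it is reached directly.
chain_config() {
    prev=""
    for host in "$@"; do
        if [ -n "$prev" ]; then
            # "ssh -W %h:%p <prev>" forwards the TCP connection to %h:%p through
            # <prev>; ssh applies <prev>'s own stanza, so deeper hops chain up.
            printf 'Host %s\n  ProxyCommand ssh -W %%h:%%p %s\n\n' "$host" "$prev"
        fi
        prev="$host"
    done
}

# Example with constructed hostnames; append the output to ~/.ssh/config.
chain_config bastion.example jump.example target.example
```

After appending the output, `ssh -G target.example` shows the ProxyCommand ssh has resolved for that host, which is a quick way to confirm the chain before relying on it.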

comment:2 Changed 8 years ago by Antoine Martin

Status: new → accepted

In principle, I am not necessarily against giving the ability to do dangerous things, in this case you would have to be using password authentication via an "untrusted" box: the attacker on that box would still need to be root - or at least the same uid? - to eavesdrop on the ssh pty used for sending the password.

It is a risk and a sub-optimal way of doing things, but as long as this is made clear to the user and does not break anything for anyone else (or endanger them in any way), I think this can be applied.
But before that, it would require man page amendments...

Comments?

comment:3 Changed 8 years ago by Timo Juhani Lindfors

I think that doing this the secure way is almost as easy as the proposed patch.

comment:4 Changed 7 years ago by Antoine Martin

Milestone: 0.0.7.x → 0.2

comment:5 Changed 7 years ago by bugmenot

Being able to specify a string of -o 'ProxyCommand %s' would definitely be much more useful because you could also enable sending stuff over corporate HTTP proxies and the like - not to mention safer in the naive ssh use case because of the issue that lindi described.

Last edited 7 years ago by Antoine Martin

comment:6 Changed 7 years ago by Antoine Martin

Resolution: wontfix
Status: accepted → closed

Thought about it some more; I don't think that this belongs in xpra (similar reason to #111).
