From mboxrd@z Thu Jan  1 00:00:00 1970
From: andrew@pimlott.net (Andrew Pimlott)
Date: Thu, 23 Apr 2009 15:59:13 -0700
Subject: [sup-talk] mime-view hook
In-Reply-To: <1240509574-sup-3576@junction.es.net>
References: <1240448213-sup-1757@junction.es.net>
	<20090423175336.GX11701@pimlott.net>
	<1240509574-sup-3576@junction.es.net>
Message-ID: <20090423225913.GY11701@pimlott.net>

On Thu, Apr 23, 2009 at 11:14:48AM -0700, Jon Dugan wrote:
> I've wanted this kind of forwarding for a long, long time.  I was unaware of
> the patch listed there.  I'll have to take a look.  This would be especially
> cool if it was forwardable like the agent socket, since sometimes I have to
> ssh through intermediate boxes.  (But see my ssh-gw script for a cute trick
> for getting around this:  http://bitbucket.org/jdugan/ssh-gw/).
> 
> The unix socket forwarding would make the whole thing much, much cleaner.

It's sad that this hasn't been picked up.  I looked into it a while
back, and I can't remember exactly what the impediment is.  It would be
an extension to the SecSH protocol, and nobody on the ssh side seems to
get the need for it (baffling to me, given ssh-agent).  Even the code
that exists (AFAICT) only connects explicitly-named ports on either end.

> One hack to work around the port collision problem is to enable environment
> variable forwarding (see SendEnv in ssh_config(5)) and use that to dynamically
> choose a port per session.

Even then, you're manually managing the ports:  You have to assign a
port number to every session you use; if others use the same machines
(which is unthinkable in the first place for lack of access control),
everyone's numbers have to be unique.  That's just dumb--but you know
that. :-)

> In short I'd love something less dumb, but for now this scratches an itch.

Credit to you for writing it.  As soon as I saw it, I knew the plumber
was the right thing, but when I ran into the forwarding problem, I gave
up.  I'm glad you didn't!

Andrew