Re: [I] Clarify how to establish an encrypted SOCKS proxy [mina-sshd]
cowwoc closed issue #479: Clarify how to establish an encrypted SOCKS proxy URL: https://github.com/apache/mina-sshd/issues/479 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
Re: [I] Clarify how to establish an encrypted SOCKS proxy [mina-sshd]
cowwoc commented on issue #479: URL: https://github.com/apache/mina-sshd/issues/479#issuecomment-2015989103 Got it. Thank you for clarifying all the moving parts. I'll go ahead and close this issue. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
Re: [I] Clarify how to establish an encrypted SOCKS proxy [mina-sshd]
tomaswolf commented on issue #479: URL: https://github.com/apache/mina-sshd/issues/479#issuecomment-2015882330 No, obviously not. After all the SSH server will connect to the target host. You'll have that problem also with any other socks proxy. You cannot conceal the target host from a socks proxy; it needs to connect to that target host. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
Re: [I] Clarify how to establish an encrypted SOCKS proxy [mina-sshd]
cowwoc commented on issue #479: URL: https://github.com/apache/mina-sshd/issues/479#issuecomment-2015548344 @tomaswolf Thank you for your reply. In the scenario you outlined, is there a way for the SOCKS client to conseal which hosts it is visiting from the SSH server? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
Re: [I] Clarify how to establish an encrypted SOCKS proxy [mina-sshd]
tomaswolf commented on issue #479: URL: https://github.com/apache/mina-sshd/issues/479#issuecomment-2010672416 See the diagrams in our [technical documentation on port forwarding](https://github.com/apache/mina-sshd/blob/master/docs/technical/tcpip-forwarding.md). With dynamic port forwarding, the SOCKS proxy sits in the SSH client, and the remote SSH server is instructed to connect to the target host. The connection between SSH client and SSH server is encrypted. The connection between the SOCKS client and the SOCKS proxy is not, but that is normally not needed. (Unless you make the SOCKS port externally accessible, the SOCKS client will be on the same host as the SOCKS proxy.) When the connection is established end to end, it depends on the protocol between the SOCKS client and the target server whether they encrypt their data stream. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
