[
https://issues.apache.org/jira/browse/SSHD-1250?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17498303#comment-17498303
]
Thomas Wolf commented on SSHD-1250:
-----------------------------------
There is no built-in implementation of a client-side proxy connector in Apache
MINA sshd. You'd have to write your own. If you want a "secure" proxy you'd
have to have a TLS connection to the proxy and run the proxy protocol over
that, the run the SSH protocol over that TLS connection. This effectively
encrypts twice (outer TLS, inner SSH).
Typically such proxies run locally or in a trusted network, so using a normal
non-TLS connection should be fine. The proxy connect would be unsecured, which
is fine in a trusted network, but the SSH connection over that proxy connection
is encrypted, like all SSH connections, which should be good enough. But Apache
MINA sshd also has no built-in implementation for this. There is one in
[JGit|https://git.eclipse.org/r/plugins/gitiles/jgit/jgit/+/refs/heads/master],
but it's not self-contained and fairly involved. See SSHD-1008.
> Document how to set up an encrypted tunnel
> ------------------------------------------
>
> Key: SSHD-1250
> URL: https://issues.apache.org/jira/browse/SSHD-1250
> Project: MINA SSHD
> Issue Type: Documentation
> Affects Versions: 2.8.0
> Reporter: Gili
> Priority: Major
>
> Please explain how to set up an encrypted connection in
> [https://github.com/apache/mina-sshd/blob/master/docs/client-setup.md]
> I'd like to be able to run a "secure" SOCKS proxy as defined by
> https://github.com/eclipse/jetty.project/issues/7647
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org
