On 07/08/2013 08:19 AM, Neil Roberts wrote:
> Heh, yeah, I also experimented with going down this route. I wrote an
> overly complicated C program? to manage launching the two SSH sessions.
> That also only handles one session, but yeah I guess you could get the
> program to relaunch the SSH session after the first connection dies.
did you try the approach i outlined? no extra C code needed, and if you
want it to re-launch, you should be able to just wrap it in a shell for
loop :) You might also want a ,reuseaddr on the inner UNIX-LISTEN socat
endpoint.
> I came across some other people who were suggesting? to make socat wrap
> the Unix socket in a TCP socket and then tunnel that over SSH. I guess
> that would be a simple way to support multiple sessions. However it
> seems a bit dodgy to open a port because you can't restrict the access
> by user.
I agree you don't want to wrap it up in a TCP socket, for exactly the
access control reasons you describe.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL:
<http://notmuchmail.org/pipermail/notmuch/attachments/20130708/c23794a6/attachment-0001.pgp>
