Re: [systemd-devel] lazy forwarding of ssh ports
Thanks again! I have completely missed this new feature of ssh. On 2/3/13, Mantas Mikulėnas wrote: > On Wed, Jan 30, 2013 at 12:52 AM, Igor Bukanov wrote: >> On 29 January 2013 00:25, Mantas Mikulėnas wrote: >>> systemd only handles accepting connections, but does not copy any >>> data – ssh's stdin & stdout are attached directly to the socket. >> >> Right, how can I missed that socket<->stdio bindings happens in kernel >> that know how to transfer packets efficiently... >> >> So the whole setup is not that bad. I just wish that I could avoid the >> nc command on the server and ssh had an option to connect to a socket >> directly without netcat involvement. But this has nothing to do with >> systemd. > > Apparently, ssh has an option "-W host:port" to do just that. > > -- > Mantas Mikulėnas > ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] lazy forwarding of ssh ports
On Wed, Jan 30, 2013 at 12:52 AM, Igor Bukanov wrote: > On 29 January 2013 00:25, Mantas Mikulėnas wrote: >> systemd only handles accepting connections, but does not copy any >> data – ssh's stdin & stdout are attached directly to the socket. > > Right, how can I missed that socket<->stdio bindings happens in kernel > that know how to transfer packets efficiently... > > So the whole setup is not that bad. I just wish that I could avoid the > nc command on the server and ssh had an option to connect to a socket > directly without netcat involvement. But this has nothing to do with > systemd. Apparently, ssh has an option "-W host:port" to do just that. -- Mantas Mikulėnas ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] lazy forwarding of ssh ports
On Mon, Jan 28, 2013 at 11:40 PM, Igor Bukanov wrote: > I would like to forward-on-demand a local port to remote one over ssh. > Currently as a hack I use a socket unit with accept=yes together with > a service template unit that looks like: > > [Service] > ExecStart=-/usr/bin/ssh options sever nc localhost port > StandardInput=socket > > This works, but rather inefficient. The data is first copied to > systemd, that copies them to ssh, that forwards them to the nc command > running on the remote host that finally sends the data to the port. systemd only handles accepting connections, but does not copy any data – ssh's stdin & stdout are attached directly to the socket. > It would be much better to use ssh -L port-forwarding option to avoid > all those extra data copies. Unfortunately ssh with its -L option does > not support inetd-style socket passing and always binds itself. > > I suppose I can try to patch ssh to support that, but perhaps there is > some magic option in systemd that allows to redirect the accept > request to a new listening socket that ssh creates with its -L option? No, there is no such magic. -- Mantas Mikulėnas ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] lazy forwarding of ssh ports
I would like to forward-on-demand a local port to remote one over ssh. Currently as a hack I use a socket unit with accept=yes together with a service template unit that looks like: [Service] ExecStart=-/usr/bin/ssh options sever nc localhost port StandardInput=socket This works, but rather inefficient. The data is first copied to systemd, that copies them to ssh, that forwards them to the nc command running on the remote host that finally sends the data to the port. It would be much better to use ssh -L port-forwarding option to avoid all those extra data copies. Unfortunately ssh with its -L option does not support inetd-style socket passing and always binds itself. I suppose I can try to patch ssh to support that, but perhaps there is some magic option in systemd that allows to redirect the accept request to a new listening socket that ssh creates with its -L option? ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
