'[jira] [Commented] (SSHD-1250) Document how to set up an encrypted tunnel'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mina-dev
Subject:    [jira] [Commented] (SSHD-1250) Document how to set up an encrypted tunnel
From:       "Thomas Wolf (Jira)" <jira () apache ! org>
Date:       2022-02-25 20:44:00
Message-ID: JIRA.13430719.1645802149000.357941.1645821840016 () Atlassian ! JIRA
[Download RAW message or body]


    [ https://issues.apache.org/jira/browse/SSHD-1250?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17498303#comment-17498303 \
] 

Thomas Wolf commented on SSHD-1250:
-----------------------------------

There is no built-in implementation of a client-side proxy connector in Apache MINA \
sshd. You'd have to write your own. If you want a "secure" proxy you'd have to have a \
TLS connection to the proxy and run the proxy protocol over that, the run the SSH \
protocol over that TLS connection. This effectively encrypts twice (outer TLS, inner \
SSH).

Typically such proxies run locally or in a trusted network, so using a normal non-TLS \
connection should be fine. The proxy connect would be unsecured, which is fine in a \
trusted network, but the SSH connection over that proxy connection is encrypted, like \
all SSH connections, which should be good enough. But Apache MINA sshd also has no \
built-in implementation for this. There is one in \
[JGit|https://git.eclipse.org/r/plugins/gitiles/jgit/jgit/+/refs/heads/master], but \
it's not self-contained and fairly involved. See SSHD-1008.

> Document how to set up an encrypted tunnel
> ------------------------------------------
> 
> Key: SSHD-1250
> URL: https://issues.apache.org/jira/browse/SSHD-1250
> Project: MINA SSHD
> Issue Type: Documentation
> Affects Versions: 2.8.0
> Reporter: Gili
> Priority: Major
> 
> Please explain how to set up an encrypted connection in \
> [https://github.com/apache/mina-sshd/blob/master/docs/client-setup.md]   I'd like \
> to be able to run a "secure" SOCKS proxy as defined by \
> https://github.com/eclipse/jetty.project/issues/7647



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic