2347 – permitopen doesn't work with unix domain sockets

Bug 2347 - permitopen doesn't work with unix domain sockets

Summary: permitopen doesn't work with unix domain sockets

Status:	REOPENED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	6.7p1
Hardware:	All All

Importance:	P5 enhancement
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-02-02 06:32 AEDT by Marcus Popp
Modified:	2019-10-20 07:22 AEDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Popp 2015-02-02 06:32:58 AEDT

Hi,

thank you for the 6.7 release and the nifty feature to support binding remote tunnels to unix domain sockets.

Unfortunately the permitopen command doesn't support domain sockets as well.

If I put the following in my /home/user/.ssh/authorized_keys file:
permitopen="/tmp/asdf" ssh-ed25519 AAAA...

I get the following error message:
Feb  1 19:20:54 client sshd[62063]: Bad options in /home/user/.ssh/authorized_keys file, line 1:  ssh-ed25519 AAAA..

It would be great, if could have a look at the code and add support for using unix domain sockets together with permitopen.

I have had a look at the code, but I couldn't provide a fix :-(

Regards

Marcus

P.S. Greetings Markus from your old fellow :-)

Comment 1 Marcus Popp 2015-02-02 22:57:13 AEDT


*** This bug has been marked as a duplicate of bug 2038 ***

Comment 2 openssh 2019-10-20 07:22:59 AEDT

Please implement this feature.  I tried to do this myself, but getting testing and what looks like threading support through all the calls that need it is too complicated for someone who doesn't know the code base w/o possibly opening up a security hole.

The unix domain sockets feature is not completely w/o this.  For my use case, w/o this support, there is no point is using this, and I'll be looking at another tool.