[systemd-devel] lazy forwarding of ssh ports

Mantas Mikulėnas grawity at gmail.com
Mon Jan 28 15:26:02 PST 2013


On Mon, Jan 28, 2013 at 11:40 PM, Igor Bukanov <igor at mir2.org> wrote:
> I would like to forward-on-demand a local port to a remote one over ssh.
> Currently as a hack I use a socket unit with accept=yes together with
> a service template unit that looks like:
>
> [Service]
> ExecStart=-/usr/bin/ssh options server nc localhost port
> StandardInput=socket
>
> This works, but is rather inefficient. The data is first copied to
> systemd, which copies it to ssh, which forwards it to the nc command
> running on the remote host, which finally sends the data to the port.

systemd only handles accepting connections, but does not copy any
data – ssh's stdin & stdout are attached directly to the socket.

> It would be much better to use ssh -L port-forwarding option to avoid
> all those extra data copies. Unfortunately ssh with its -L option does
> not support inetd-style socket passing and always binds itself.
>
> I suppose I can try to patch ssh to support that, but perhaps there is
> some magic option in systemd that allows redirecting the accept
> request to a new listening socket that ssh creates with its -L option?

No, there is no such magic.

--
Mantas Mikulėnas
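
Added example, not part of the original message and not systemd's own code: a small Python model of the inetd-style handoff described in the reply, where the supervisor only accepts the connection and the spawned process gets the connected socket as its stdin and stdout. The echo child and the function names are constructed for illustration; the child stands in for the ssh command in the quoted unit.

```python
import socket
import subprocess
import sys

# Constructed child: copies stdin to stdout, standing in for
# "ssh options server nc localhost port" from the quoted unit.
CHILD = [sys.executable, "-c",
         "import sys; sys.stdout.buffer.write(sys.stdin.buffer.read())"]


def accept_and_spawn(listener, argv):
    """Accept one connection and start argv with the connected socket as
    both stdin and stdout (the Accept=yes + StandardInput=socket model)."""
    conn, _peer = listener.accept()
    child = subprocess.Popen(argv, stdin=conn.fileno(), stdout=conn.fileno())
    # The child now holds its own copies of the descriptor. The supervisor
    # closes its copy and never calls recv() or send() on the connection.
    conn.close()
    return child


def demo(payload=b"hello over the socket\n"):
    """Run one client through the handoff; return (echoed bytes, exit code)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # loopback only, ephemeral port
    listener.listen(1)
    client = socket.create_connection(listener.getsockname())
    child = accept_and_spawn(listener, CHILD)
    client.sendall(payload)
    client.shutdown(socket.SHUT_WR)      # EOF on the child's stdin
    echoed = b""
    while chunk := client.recv(4096):    # bytes written by the child itself
        echoed += chunk
    client.close()
    listener.close()
    return echoed, child.wait()


if __name__ == "__main__":
    print(demo())
```

The payload comes back to the client even though the accepting process has already closed its copy of the connection, so every byte was read and written by the child.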

