2005-06-19 · in Ideas · 169 words

I make heavy use of ssh tunnelling for access to services inside UKC from home. However, if I want to add a new tunnel, I have to restart the ssh client -- losing connections to all the existing tunnels briefly.

As ssh supports SOCKS for dynamic tunnelling, it would be possible to write a little daemon that listened on a configurable set of ports and tunnelled data in a configurable way using a SOCKS connection to an ssh client. This daemon could be designed so that you could tell it to reread its configuration without dropping existing connections. Alternatively, the original ssh client could be modified to have the same behaviour.
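The daemon proposed above, as an added example (not code from the original post): it listens on loopback ports, relays each connection through the SOCKS5 port of a running ssh client, and rereads its port map on SIGHUP without touching established connections. Assumed here: Python with asyncio, `ssh -D 1080` as the proxy, a JSON file `tunnels.json`, and the names `socks5_connect_request`, `plan_reload`, `handle` and `reload`.

```python
import asyncio, json, pathlib, signal, struct

SOCKS = ("127.0.0.1", 1080)  # assumption: "ssh -D 1080 <host>" is already running
servers = {}                 # local port -> (target, listening asyncio server)

def socks5_connect_request(host, port):  # RFC 1928 CONNECT by name, resolved at the far end
    name = host.encode("ascii")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack(">H", port)

def plan_reload(current, wanted):  # {local port: target} maps -> (ports to close, ports to open)
    return (sorted(p for p in current if current[p] != wanted.get(p)),
            sorted(p for p in wanted if wanted[p] != current.get(p)))

async def pipe(reader, writer):
    while data := await reader.read(65536):
        writer.write(data)
        await writer.drain()
    writer.close()  # end of stream: pass it on to the other side

async def handle(cr, cw, target):
    sw = cw  # until the proxy connection exists, the error path closes only the client
    try:
        sr, sw = await asyncio.open_connection(*SOCKS)
        sw.write(b"\x05\x01\x00")  # greeting: offer "no authentication" only
        if await sr.readexactly(2) != b"\x05\x00":
            raise ConnectionError("proxy wants authentication")
        sw.write(socks5_connect_request(*target))
        rep = await sr.readexactly(5)  # VER, REP, RSV, ATYP and the first address byte
        if rep[1] != 0:
            raise ConnectionError("proxy refused CONNECT")
        await sr.readexactly({1: 3, 4: 15}.get(rep[3], rep[4]) + 2)  # rest of bound address
        await asyncio.gather(pipe(cr, sw), pipe(sr, cw))
    except (OSError, asyncio.IncompleteReadError):
        sw.close()
        cw.close()

async def reload(path):  # JSON such as {"8143": ["imap.internal.example", 143]} (constructed)
    wanted = {int(p): tuple(t) for p, t in json.loads(pathlib.Path(path).read_text()).items()}
    closing, opening = plan_reload({p: t for p, (t, _) in servers.items()}, wanted)
    for p in closing:
        servers.pop(p)[1].close()  # stops accepting; established connections carry on
    for p in opening:  # loopback only, so the tunnels are not offered to the LAN
        cb = lambda r, w, t=wanted[p]: handle(r, w, t)
        servers[p] = wanted[p], await asyncio.start_server(cb, "127.0.0.1", p)

if __name__ == "__main__":
    loop = asyncio.new_event_loop()
    loop.add_signal_handler(signal.SIGHUP, lambda: loop.create_task(reload("tunnels.json")))
    loop.run_until_complete(reload("tunnels.json"))
    loop.run_forever()
```

After editing the file, `kill -HUP <pid>` applies it; a port whose target is unchanged keeps its listener, and a file that fails to parse changes nothing.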

Graham pointed out that the OpenSSH client can already dynamically add tunnels, using the ~C command to edit the command line. A simpler way of implementing this would thus be to write a wrapper around ssh that sent commands to it down a pty -- although it might be more straightforward still to use one of the Python ssh modules...