-
Notifications
You must be signed in to change notification settings - Fork 496
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for ssh-obfuscation to sshfs #203
Comments
Could you clarify what exactly you'd like to see done in SSHFS? As I already said by email, SSHFS internally calls whatever SSH binary is installed on the local and remote machines, and will thus use whatever patches have been applied to them. |
To connect to a obfuscaded sshd it is needed to use a keyword to initialize the crypted ssh handshake. The usage on an obfuscation enabled ssh client would then look like: "ssh [email protected] -Z obfuscate_keyword". All good, all works. I would just love to have a way to use it in sshfs with an option like "-o obfuscate_keyword=xxx" and it does the trick inside the sshfs client, like bitvise ssh clinet does. Passing that keyword from sshfs to a patched ssh client does not work (at least for me) and it could be discussed with the maintainer of the openssh patches, but it would simply be nicer to have it supported in sshfs. If I get it wrong, or it is not duable for sshfs, just close the case. At least I tried it. :-) Thanks! |
You should be able to pass the option in |
I don't think this belongs to the ssh protocol. It is fairly robust and safe and made for availability not hiding behind obfuscation. If you need something like that, you can do fairly similar things with port knocking or cryptographicaly safe-port knocking, which will open you a port in firewall after sending correct challenge: |
Closing per my comment above. |
Bruce Leidl (@brl) gave a detailed description of the reasons behind his proposal to obfuscate the handshake process of ssh connection. Go over it if you have the time. It's not long and fairly easy to understand. https://github.com/brl/obfuscated-openssh
It would be nice if sshfs would support this way of obfuscation. There are patches for openssh, so maybe it is not that much effort to add a "obfuscation option" for sshfs. https://zinglau.com/projects/ObfuscatedOpenSSHPatches.html
Thank you in advance.
The text was updated successfully, but these errors were encountered: