New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
proposal: x/crypto/ssh add sshutil.ReverseProxy: a single host reverse proxy for SSH #44198
Comments
Given that this already exists in an external package, it is unclear that we need to add more to x/crypto/ssh. /cc @FiloSottile |
This proposal has been added to the active column of the proposals project |
ping @FiloSottile |
Generally, these kind of application-level (as opposed to protocol-level) implementations are a pain to maintain in the standard library: everyone needs to configure their application a little differently, and there is no specification for how they are supposed to work. Specifically, HTTP reverse proxies run the Internet, while SSH reverse proxies are a fairly uncommon deployment. Bastions are usually hosts that relay a TCP connection, not authenticated clients. This fits best in a third-party client. |
Ok, fair points all around. Closing this out. Appreciate the consideration 👍 |
No change in consensus, so declined. |
Proposal
Add a new
sshutil
package with the following import pathIn this new package, implement a single host reverse proxy, modeled after the
httputil.ReverseProxy
API.An example implementation can be found here: https://github.com/cmoog/sshutil
The implementation is relatively tricky for those unfamiliar with SSH internals, but serves a wide range of common use cases– similar in nature to the convenience of
httputil.ReverseProxy
.@gopherbot, please add labels Proposal
The text was updated successfully, but these errors were encountered: