PuTTY wish proxy-command

Home | Licence | FAQ | Docs | Download | Keys | Links
Mirrors | Updates | Feedback | Changes | Wishlist | Team

summary: Proxying through arbitrary command (e.g. another SSH session)
class: wish: This is a request for an enhancement.
difficulty: tricky: Needs many tuits.
priority: low: We aren't sure whether to fix this or not.
fixed-in: 2006-08-27 r6808 (0.59) (0.60) (0.61) (0.62)

We occasionally get asked to implement use of arbitrary commands as proxy-like transports, similar to the ProxyCommand feature of OpenSSH.

We also get requests to use an SSH server as a `proxy'. These should probably be considered an instance of the general case. Treating SSH as just another proxy type like HTTP etc isn't feasible - we have pages of configuration UI for the `main' session, and all this would need to be configurable for the `proxy' session too. In the current model all this would have to be crammed in or under the Proxy panel somehow. With a ProxyCommand feature you could use Plink as a transport and configure it as usual.

It's less obvious how a ProxyCommand-type feature should be configured on Windows than on Unix, as Windows is much less command-oriented (where OpenSSH usually runs). Also, implementation in a manner compatible with Win95/98 (which lack useful pipes) might be tricky. (see also design discussion in `win-command-prompt')

A partial solution is to set up a local (e.g.) SOCKS server which will run whatever bizarre command you need. You can then use PuTTY's existing proxy facilities. I don't know whether there is a convenient product that provides a SOCKS front end and runs arbitrary commands at the back end, but there clearly should be. This does of course require that your SOCKS server has been started up in the first place, but since (if sufficiently clever) it can defer doing anything tricky until it's needed, that needn't be an onerous requirement.

With `portfwd-dynamic', this approach would assist those people who need to use an SSH server as a proxy.

SGT, 2006-08-26: I've just implemented this for Windows (Unix has supported it since 2003) and it seems to be basically working.

Audit trail for this wish.


If you want to comment on this web site, see the Feedback page.
(last revision of this bug record was at 2006-08-26 12:33:57 +0100)