Question: About the architecture (missing documentation)

[lars18th]

Sorry for this stupid question... but, I feel the current documentation is quite confusing. :confused:

Technically, what is the architecture of sshportal? Something like this:

  ssh (client) -------/ Internet /------> sshportal --------/ Private LAN /--------> ssh-server
                     [SSH protocol]                          [SSH protocol]

So the client stablish the SSH connection to the sshportal, and after the sshportal stablish another SSH connection to the target server?

If this is true, then:

• Can the cypher be different for each connection?
• Can the SSH client connection use Compression, and not the SSH server?
• Dynamic SSH commands that runs the SSH client (like create tunnel, repeat key exchange, etc.; that are executed after the connection is stablished) are passed to the target host, or are processed by the sshportal process?

Please help me to better understand the architecture. Thank you!

[moul]

Hi,

To be more accurate, I need to adjust something in your schema:

  ssh (client) -------/ Internet /------> sshportal --------/ Private LAN /--------> ssh-server
                     [SSH protocol]                          [Hybrid protocol]

Basically, sshportal is not doing a real SSH connection to the remote host, it only initiate the connection to manage the authentication part + forward env, requests, etc; then as soon as it can, it just creates a direct pipe between the client and the remote server.

Good news -> it allows supporting a lot of features of SSH out of the box

Bad news -> it can have some limitations; and ... I don't know them all :)

As soon as people will list me limitations that I can reproduce, I will try to compute a matrix of what works and what doesn't