Subject: Re: SSH and NAT and re-connections.
To: Manuel Bouyer <bouyer@antioche.eu.org>
From: Richard Rauch <rauch@rice.edu>
List: netbsd-help
Date: 11/14/2002 23:31:45

> > > > I know that TCP can't handle it.  That's why this seems like a ``good
> > > > thing'' for ssh to be able to recover from.  I'd hoped that it was a
> > > > feature that was built into ssh.  Alas, from what you say, ssh doesn't
> > > > provide recovery for this, either.  I know I'm not the first person to
> > > > want/need such a thing (else GNU screen wouldn't have it; (^&).
> > >
> > > GNU screen is much, much older than ssh
> >
> > Yes, of course.  But what does that have to do with whether it's a good
> > idea that people find valuable?
>
> I understood your comment as "GNU screen was developed because ssh didn't
> have that feature".

I'm sorry for not being clear, then.  (^&

I was merely citing GNU screen as a defense to forestall someone
dismissing it as a silly feature.  As I reflect back upon it, it's
disturbing to me that I felt the need to do that.  But, that's a topic for
another discussion (and, I think another list---such as netbsd-users,
perhaps, if anywhere).


> I've the feeling that ssh is not the right place to implement this feature,
> and screen (or vnc) is the right tool to use. You have different ways to
> get a login shell on a host: telnet, rlogin, ssh, xterm, serial terminal, ...
> Implementing screen functionality in ssh would mean you can't use it with
> other tools giving you a shell.

I don't think that ssh should provide all of the features of screen.  But
it seems that making the connection survive reconnects could be done at
the ssh level, and could be made transparent to programs that just want to
see ssh as a secure form of TCP (i.e., a secure, reliable, virtual circuit
over a network).

One could argue just as well that ssh (being a Secure SHell) has no
business dealing with X, but there it is.  And, I'm glad that it's there
(and feel that the feature belongs there---if you view ssh as being more
than just a secure form of telnet).

I understand that adding such a feature would be a significant protocol
change.  I had hoped that it might be an obscure feature that was already
in there, though.  (^&


Thanks for the prompt and direct answers, though.  My apologies for my own
tardy responses.


  ``I probably don't know what I'm talking about.'' --rauch@math.rice.edu