an SSH tunnel pop. Let's ask Mr. Owl. 1, 2, 30, crunch.
I've always been curious about super nested SSH tunnels, but never
bothered to try it. What I mean is an SSH tunnel instead of an SSH
tunnel inside of another one and so on. You can accomplish this with
commands like this:
ssh -D 10000 localhost
ssh -o 'ProxyCommand ~/bin/connectssh -S localhost:10000 %h %p' -D 10001 localhost
ssh -o 'ProxyCommand ~/bin/connectssh -S localhost:10001 %h %p' -D 10002 localhost
So that each successive ssh command uses the listening SOCKS5 port from
the previous command. You need the connectssh program in order to use
SSH through SOCKS5.
So I nested about 30 of these sessions and then tried typing just the
letter j and it generated 1,098,668 bytes of traffic due to all the
overhead of encrypting it through multiple tunnels. Each successive
tunnel having to encrypt probably twice the amount of data as the one
before it.
Holding down a key and letting it repeat (slowly) would generate a
constant 20-30MB/sec on the localhost interface and task all my CPUS
(dual 3.0GHz system) up to about 40%.
At 40 tunnels deep, 1 character generated 2,923,046 bytes and took
about 2 seconds to echo back.
Anyways, now you know.
--
Mark Krenz
Bloomington Linux Users Group
http://www.bloomingtonlinux.org/
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug
No comments:
Post a Comment