undefined | Better HN

0 pointsomribahumi5y ago0 comments

Have you considered using ssh command's ProxyCommand option? It allows you to replace the TCP transport with communication over stdin/stdout.

It could help you replace the TUN with something more cross platform, and possibly with less overhead. You can pass in the hostname using %h, so you can even have virtual DNS.

0 comments

tptacek5y ago

How does that help us here? Without WireGuard, there's no channel with which you can talk to a Fly Hallpass instance, by design.

xmodem5y ago

Implement the userspace wireguard client and TCP stack as a ProxyCommand, make something useful for the general case of SSH'ing over wireguard.

tptacek5y ago

You can totally do that. The code is public, and for a simple TCP proxy, we're talking, maybe, a couple dozen lines.

j / k navigate · click thread line to collapse

0 pointsomribahumi5y ago0 comments

Have you considered using ssh command's ProxyCommand option? It allows you to replace the TCP transport with communication over stdin/stdout.

It could help you replace the TUN with something more cross platform, and possibly with less overhead. You can pass in the hostname using %h, so you can even have virtual DNS.

0 comments

tptacek5y ago

How does that help us here? Without WireGuard, there's no channel with which you can talk to a Fly Hallpass instance, by design.

xmodem5y ago

Implement the userspace wireguard client and TCP stack as a ProxyCommand, make something useful for the general case of SSH'ing over wireguard.

tptacek5y ago

You can totally do that. The code is public, and for a simple TCP proxy, we're talking, maybe, a couple dozen lines.

j / k navigate · click thread line to collapse