Replies: 2 comments 1 reply
-
|
Hello @rogerl19 👋 Thank you so much for your strong feedback 🙏 The (1) is not trivial as we need to have a DNS server on the remote side and WebSSH need to forward implicitly DNS requests. The (2) seems to be related with this issue : #469 Could (2) responds to your use case and security needs? |
Beta Was this translation helpful? Give feedback.
-
|
(2) would be great assuming we can define DNS hosts that are on one of the tunnels. That way, all DNS lookups in WebSSH would go through the tunnel and leave from the remote server. That remote DNS could be something like Google 8.8.8.8 or some internal DNS server(s) that let me resolve internal addresses. I would like to set up a Dynamic Port Forwarding connection where I specify one or two DNS servers. Those DNS servers would point to a local DNS server(s) that I run myself. Then in SSH Servers, I can then reference my internal servers by their FQDN rather than using IP addresses. If the dynamic port forwarding tunnel is not connected, I expect the SSH Hosts would not be resolvable, which is expected. This would be great security since it would allow users to browse securely and not give away lookups. I think it is essential for folks to reside in restrictive countries that closely monitor browsing behavior. |
Beta Was this translation helpful? Give feedback.
-
|
I need to find a way to make DNS go through the tunnel |
Beta Was this translation helpful? Give feedback.
-
Dynamic port forwarding is a powerful feature but it lacks the ability to leverage the DNS on the remote server. This means that doing name resolutions on the local network is not possible so I would need to create SSH Connections using IP Addresses. It is also a security leak as DNS lookups are still happening on the host. Awesome to have two options.
Beta Was this translation helpful? Give feedback.
All reactions