/dev/random » OpenSSH New Feature: “Netcat mode”
By Daniel Miessler on April 3rd, 2010: Tagged as Information Security
The new version (5.4) of OpenSSH was released early this morning. OpenSSH is THE free implementation of the SSH protocol available on common devices and operating systems.
The primary goal of OpenSSH is to allow remote access to hosts for management purposes. But many other features make OpenSSH a real Swiss-army knife for all network and system administrators:
- Multiple encryption methods,
- File transfer using SCP or SFTP,
- Port forwarding,
- SOCKS proxy server,
- VPN (tunneling),
- X11 forwarding,
- Multiple authentication methods and single sign-on (via agent forwarding).
Some OpenSSH releases just fix bugs or introduce minor changes. But today, release 5.4 comes with an exciting new feature that looks very interesting to me: the “netcat mode”. Quoted from the release notes:
“Added a ‘netcat mode’ to ssh(1): “ssh -W host:port …” This connects stdio on the client to a single port forward on the server. This allows, for example, using ssh as a ProxyCommand to route connections via intermediate servers.”
Netcat can also be compared to a Swiss-army knife at the TCP/IP level. It is a multi-purpose tool for reading and writing data across network connections. Originally, it was a tool available on UNIX flavors, but Netcat (or “nc”) is also available for Windows [Note: the Windows version is often detected as suspicious by common anti-virus software]. Netcat lacks … encryption (if your original data is in clear text), but now, with the brand new OpenSSH, we can pipe data safely!
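The ProxyCommand use mentioned in the release notes, shown as a configuration sketch. This is an added example, not taken from the original post or from the OpenSSH project; all host names, user names and addresses are constructed placeholders.

```sshconfig
# ---- ~/.ssh/config on the client (all names/addresses are placeholders) ----

Host bastion
    HostName bastion.example.com
    User admin

# Before 5.4: the hop depends on a netcat binary installed on the bastion.
# Host internal-db
#     HostName 10.0.0.5
#     ProxyCommand ssh bastion nc %h %p

# With the 5.4 "netcat mode": the bastion's sshd opens the forward itself,
# so no nc is needed there. %h and %p expand to the target host and port.
Host internal-db
    HostName 10.0.0.5
    User dba
    ProxyCommand ssh -W %h:%p bastion

# ---- /etc/ssh/sshd_config on the bastion ----
# -W is an ordinary TCP forward, so the usual forwarding controls apply.
# Limit the relay account to the one destination it is meant to reach.
Match User admin
    AllowTcpForwarding yes
    PermitOpen 10.0.0.5:22
```

With this in place, `ssh internal-db` runs a second SSH session end to end between the client and the internal host; the bastion only relays the already-encrypted stream.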