Till Riedel riedel

## sshagent-bridge
#!/bin/sh
SOCKDIR=`mktemp.exe -d /tmp/ssh-XXXXXXXXX`

SSH_AUTH_SOCK=$SOCKDIR/agent.$$;export SSH_AUTH_SOCK;
[ -z ${1+x} ] && echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK;export SSH_AUTH_SOCK;"

socat UNIX-LISTEN:$SSH_AUTH_SOCK,umask=066,fork EXEC:"PLINK.EXE -serial //./pipe/openssh-ssh-agent",pipes &

SSH_AGENT_PID=$!; export SSH_AGENT_PID;

## 01nginx-tls-sni.md

      
              1 file
            
          
              35 forks
            
          
              37 comments
            
          
              188 stars
            
          
                kekru
                / 01nginx-tls-sni.md
            
            
              Last active
              June 19, 2024 17:24
            
              
                nginx TLS SNI routing, based on subdomain pattern
              
          
    Nginx TLS SNI routing, based on subdomain pattern

Nginx can be configured to route to a backend, based on the server's domain name, which is included in the SSL/TLS handshake (Server Name Indication, SNI).

This works for http upstream servers, but also for other protocols, that can be secured with TLS.
prerequisites


at least nginx 1.15.9 to use variables in ssl_certificate and ssl_certificate_key.
check nginx -V for the following:
...
TLS SNI support enabled
	#!/bin/sh
	SOCKDIR=`mktemp.exe -d /tmp/ssh-XXXXXXXXX`

	SSH_AUTH_SOCK=$SOCKDIR/agent.$$;export SSH_AUTH_SOCK;
	[ -z ${1+x} ] && echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK;export SSH_AUTH_SOCK;"

	socat UNIX-LISTEN:$SSH_AUTH_SOCK,umask=066,fork EXEC:"PLINK.EXE -serial //./pipe/openssh-ssh-agent",pipes &

	SSH_AGENT_PID=$!; export SSH_AGENT_PID;