When using the RemoteForward with a Unix domain socket

This is widely used in forwarding gpg-agent. This feature is required when signing git commits in remote server by using local gpg keys.

ref: https://wiki.gnupg.org/AgentForwarding

I had noted in #8262 that gliderlabs/ssh has a PR to implement this, so adding here as I think it's going to be useful: gliderlabs/ssh#196

Thanks!

My PR on the gliderlabs repo is stalled, but I had to integrate this into a repo at Coder which is open source here: https://github.com/coder/coder/blob/2c0f653aa85ab4d2c4be410642776c772eb524ac/agent/agentssh/forward.go

Should be very easy to copy that into Tailscale and plumb it up to the gliderlabs SSH server.

Hey, it's been quite a while and this feature is essential for a lot of remote developers. Is there any progress on this issue? Thanks for the amazing work!

I'm totally OK with someone copying my code and opening a PR to update tailscale's SSH tempfork.

I'd be willing to take a stab at it sometime soon, can't guarantee I'll actually succeed since my knowledge is limited to the copy paste xD. Essentially though, I just merge gliderlabs/ssh#196 into Tailscale's temp fork right?

So I've managed to fix the Warning: remote port forwarding failed for listen path /tmp/test.socket message but GPG forwarding isn't really working for me. I'm trying to double check if this is my fault or a problem with my implementation.

If anyone with a known working setup would be able to test https://github.com/Xenfo/tailscale, I'd appreciate it.

Great news! I got it working for the most part, the final issue was with permissions. Now I'm going to properly implement the checks for security and get a PR up.