Thanks Darren. So user has to run the following command (alternatively, he can change .ssh/config) ssh -o ProxyCommand='ssh -W localhost:1023 customuser@10.220.167.184' admin@10.220.167.184 It works. But is it possible to change sshd_config (server side settings) , so that user (from client side) has to just type and at server side, we add code to prompt user name , something like this: ssh cliuser@10.220.167.184 Username: admin password: I am trying alternatives, any quick hint would really help. Thanks !!! On Wed, Feb 1, 2017 at 3:26 AM, Darren Tucker <dtucker@xxxxxxxxxx> wrote: > On Wed, Feb 1, 2017 at 6:05 AM, Sudarshan Soma <sudarshan12s@xxxxxxxxx> > wrote: > > Hi Darren, the clients config would need customer to change firewall > > settings to allow 1023 port. > > Not in the configuration I proposed: the first ssh command runs the > second to connect to the server so you'd end up with TCP connections > client -> server:22 and server ->server:1023 and an end-to-end ssh > connection from the client to the sshd on port 1023. > > > ssh admin@127.0.0.1 -p 1023 should work. I have shared sshd logs , can > you > > see if it gives hint on why reading passwd happens in sshd side and echo > and > > read for user happens at client side. > > Looking at the debug log I think it might be a bug in sshd. The log > says it's 6.6, which is a few years old. Is it an unmodified version > built from the source from openssh.com, and does the current release > (7.4) do the same thing? > > -- > Darren Tucker (dtucker at zip.com.au) > GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement. > _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev