TL;DR: I expect ProxyCommand to have effect in preference to ControlPath.
I've just tripped over this one. I have an ssh Host (let us call it "MAIN")
with a ControlPath and with ControlMaster=no, from the .ssh/config file.
I also have a shell script whose purpose is to hop to a remote host through a
port forward, which uses the ProxyCommand option like this:
ProxyCommand ssh MAIN nc 127.0.0.1 7777
because the remote host is accessible via port 7777 on host MAIN.
So the script invokes an ssh commandlike this:
ssh -o "ProxyCommand=ssh MAIN nc 127.0.0.1 7777" remoteuser@MAIN
The expectation is that the inner proxycommand ssh goes via the control socket
and that the outer ssh uses the ProxyCommand to get to the remote host.
Imagine my surprise when the ControlMaster from the config file takes
precedence over the ProxyCommand from the command line. By contract, this works
as I intended:
ssh -o ControlPath=none -o "ProxyCommand=ssh MAIN nc 127.0.0.1 7777" remoteuser@MAIN
On reflection, of course these are distinct options and that side of things
isn't, of itself, a bug. However, is there a sane use case for using
ControlMaster/ControlPath at all if there is a ProxyCommand? I would have
thought not.
Can someone explain a use case for this precedence (ControlPath before
ProxyCommand), or is this a misfeature which would benefit from a fix/change?
Thanks,
Cameron Simpson <cs@xxxxxxxxxx> (formerly cs@xxxxxxxxxx)
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev