On 20/05/2020 09:58, Warlich, Christof wrote:
That sounds like a chicken-and-egg situation. You have:
host *.example.com
ProxyJump blah
but you don't know that you should use this entry until you know that the unqualified name can be qualified to *.example.com.
ISTM that if you want the ProxyJump host to work that way, you'd have to try every ProxyJump entry in the file, and ask them in turn to resolve the name until you find one that works.
This seems to be a misunderstanding: Yes, there would be a chicken-egg situation if the ProxyJump command would only know an unqualified hostname, like "blah" in your example. But that's not what I'm heading for
...
there was no intent or reason to have an unqualified hostname in ProxyJump
Sorry, that bit was just my laziness in typing. Pretend that I had written:
host *.example.com
ProxyJump blah.some.random.domain
or
host *.example.com
ProxyJump proxy.example.com
The argument would be the same. If you try to ssh to an unqualified
host like "foo", then you don't know that it might be resolvable via the
given ProxyJump host until you first know that it matches *.example.com
- a circular dependency.
Regards,
Brian.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
