Re: How do I use ProxyCommand to connect to remote host using shared session enabled by ControMaster?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Feb 7, 2011 at 9:08 PM, Igor Bukanov <igor@xxxxxxxx> wrote:
> On 5 February 2011 19:10, Asif Iqbal <vadud3@xxxxxxxxx> wrote:
>> # cat ~/.ssh/config
> ...
>> host remotehost
>>  hostname remotehost.example.net
>>  ProxyCommand ssh jumphost -t ssh %h
>
> ProxyCommand should in general connect its input/output stream to sshd
> demon listening on some socket.  In your case I would suggest to use
> the nc command from jumphost that binds stdin/stdout to the ssh port
> on the remote host, like in:
>
> ProxyCommand ssh -T -a jumphost nc %h %p
>
> where -T and -a is used to make sure that useless in this case tty on
> jumphost is not allocated and no agent is forwarded.
>

This worked perfect. So now I have it setup like this

$ cat ~/.ssh/config
host jumphost
 hostname jumphost.example.net
 ForwardX11 yes
 ControlMaster auto
 ControlPath ~/.ssh/%r@%h:%p
host remotehost
 hostname remotehost.example.net
 ProxyCommand ssh -T -a jumphost nc %h %p

And I can ssh to remotehost through the enabled shared session setup
by jumphost.

Is it possible to make it work as default for all hosts except the jumphost?

I tried to replace the remotehost with `*' and then tried to fresh
start, like below

$ cat ~/.ssh/config
host jumphost
 hostname jumphost.example.net
 ForwardX11 yes
 ControlMaster auto
 ControlPath ~/.ssh/%r@%h:%p
host *
 hostname remotehost.example.net
 ProxyCommand ssh -T -a jumphost nc %h %p

But, looks like jumphost is trying to use the proxy command instead of
just going with the config
specific to it

$ ssh -v jumphost
OpenSSH_5.5p1 Debian-4ubuntu5, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /home/iqbala/.ssh/config
debug1: Applying options for jumphost
debug1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: auto-mux: Trying existing master
debug1: Control socket
"/home/iqbala/.ssh/iqbala@xxxxxxxxxxxxxxxxxxxx:22" does not exist
debug1: Executing proxy command: exec ssh -T -a jumphost.example.net
nc jumphost.example.net 22


-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?



[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux