Le 17/04/2020 ? 12:29, Stuart Henderson a ?crit?:> On 2020/04/17 10:56, Christophe Lohr wrote:
>> Dear developers,
>> The ProxyJump feature is nowadays implemented on the basis of a TCP
port forwarding on the jumping host, isn't it?
>> As a result, this is affected by a AllowTcpForwarding=no configuration
on the jumping host.
>>
>> So, may I suggest a variant based on Unix sockets (such as -L or -R
does).
>>
>> Nice idea, isn't it?
>> Any volunteer to implement this?
> That doesn't make sense, how are you going to connect from the
"jump
> host" to an end machine using a unix socket?
>
> (If ssh forwarding is disabled but you are still able to make outgoing
> connections, you can use some "ssh jumphost nc" variant in
ProxyCommand
> instead, like we used to do before ProxyJump).
>
Hum hum. I see. My mistake.
It seems I completely misunderstood what ProxyJump does.
In fact, this is an ssh session into an ssh tunnel.
Encapsulation, simply.
I thought this was a way to chain ssh sessions.
As if the jumping-host had some back-to-back ssh agents
(the ssh-daemon bound to an ssh-client to the target host).
Sorry for the mistake. Sorry for the inconvenience.
Best regards.