Michael Haggerty
2012-May-16 09:32 UTC
Idea for feature recursive ssh: "scp file user1@gateway:user2@server:"
[I sent this email to the list in January but haven't seen it appear.
Maybe it didn't get through moderation?]
How many times have I typed in one window
ssh -L 8022:server:22 user1 at gateway
only so that I can type (in another window!)
scp -P 8022 file user2 at localhost:
This is a pain:
* cumbersome
* requires two commands windows
* confuses ssh's host key verification
Obviously if one is always accessing the same hosts then it is possible
to simplify the steps using configuration, but I don't know of a way to
make this really easy if there are many remote servers. Also, the
manner of accessing the servers might be different when you are inside
vs. outside the firewall, making the configuration approach awkward.
It would be very cool to be able to type something like
scp file user1 at gateway:user2 at server:
and have SSH do the tunneling by itself.
Maybe there is already an easy way to accomplish the same thing, but it
is unknown to me.
The same syntax could be used for ssh itself:
ssh user1 at gateway:user2 at server
though admittedly this isn't quite such a big win compared to the
approximately equivalent
ssh -t user1 at gateway ssh user2 at server
Thank you for your attention,
Michael
--
Michael Haggerty
mhagger at alum.mit.edu
http://softwareswirl.blogspot.com/
Saku Ytti
2012-May-16 10:15 UTC
Idea for feature recursive ssh: "scp file user1@gateway:user2@server:"
On 16 May 2012 12:32, Michael Haggerty <mhagger at alum.mit.edu> wrote:> How many times have I typed in one window > > ? ?ssh -L 8022:server:22 user1 at gateway > > only so that I can type (in another window!) > > ? ?scp -P 8022 file user2 at localhost:+1. Not far from what I propose here: http://lists.mindrot.org/pipermail/openssh-unix-dev/2011-October/030030.html ---- Or maybe just 'ssh box1,box2,box3' which would be equivalent to cat >> .ssh/config box3 path box1,box2 --- -- ? ++ytti
Darren Tucker
2012-May-16 10:23 UTC
Idea for feature recursive ssh: "scp file user1@gateway:user2@server:"
On Wed, May 16, 2012 at 11:32:17AM +0200, Michael Haggerty wrote:> [I sent this email to the list in January but haven't seen it > appear. Maybe it didn't get through moderation?] > > How many times have I typed in one window > > ssh -L 8022:server:22 user1 at gateway > > only so that I can type (in another window!) > > scp -P 8022 file user2 at localhost:You want ProxyCommand + ssh -W. Try this: ssh -o 'ProxyCommand ssh -W user2 at gateway:%p' user2 at gateway or the equivalent in ~/.ssh/config Host server ProxyCommand ssh -W %h:%p server User user2 Host gateway User user1 Basically, you're using "ssh -W" (aka "netcat mode") as a ProxyCommand. This logs into "gateway", then establishes a TCP port forwarding and passes the traffic over stdin/stdout. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.