Remi Paulmier
2016-Sep-23 10:48 UTC
possibility of a RemoteCommand option in the ssh config file
Hi,
About one year ago, someone (Simon Zack) asked about a RemoteCommand
option.
His question did not encounter a large amount of answers, maybe because
Simon himself did not answer to a question from Darren Tucker about his use
case ? However, I think I have a use case pretty close to Simon's one:
Let's imagine a host named 'lxc.host.example.org', hosting many LXC
containers named '<cont>.lxc.host.example.org'.
With a RemoteCommand option, working pretty much the same as the
ProxyCommand one, we could write something like:
$ cat ~/.ssh/config
Host host.lxc.example.org
RequestTTY force
Host *.host.lxc.example.org
Hostname host.lxc.example.org
RemoteCommand lxc-attach -n %h --
That way, we would be able to attach to containers, without the need to run
sshd inside each container, by running:
$ ssh mycontainer.host.lxc.example.org
A bit of difference with the ProxyCommand behaviour, though: the %h macro
should expand to the host that was requested on the cli; not the one
specified with Hostname.
I know I can specify the command on the cli, or even make an alias, but it
would introduce an interface difference for the end-user between regular
hosts and lxc containers.
Any opinion ?
Kind regards,
r?mi
Ángel González
2016-Sep-28 21:19 UTC
possibility of a RemoteCommand option in the ssh config file
Paulmier wrote:> Hi, > > About one year ago, someone (Simon Zack) asked about a RemoteCommand > option. > > His question did not encounter a large amount of answers, maybe because > Simon himself did not answer to a question from Darren Tucker about his use > case ? However, I think I have a use case pretty close to Simon's one: > > Let's imagine a host named 'lxc.host.example.org', hosting many LXC > containers named '<cont>.lxc.host.example.org'. > With a RemoteCommand option, working pretty much the same as the > ProxyCommand one, we could write something like: > > $ cat ~/.ssh/config > Host host.lxc.example.org > RequestTTY force > > Host *.host.lxc.example.org > Hostname host.lxc.example.org > RemoteCommand lxc-attach -n %h -- > > That way, we would be able to attach to containers, without the need to run > sshd inside each container, by running: > > $ ssh mycontainer.host.lxc.example.org > > A bit of difference with the ProxyCommand behaviour, though: the %h macro > should expand to the host that was requested on the cli; not the one > specified with Hostname.You should use %n for that. I like your use case, although you could the same thing (in a more convoluted configuration) using ForceCommand on the ssh key at the authorized_keys of host.lxc.example.org Cheers