Hello, On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this: login -pfq $USER /usr/bin/ssh $HOST Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?. If $HOST has a ProxyJump configuration, the resulting ProxyCommand is: -ssh -W '[%h]:%p' $JUMP_HOST Because of the leading hyphen, this fails to execute. If the user?s shell is zsh, the Terminal window shows: zsh:1: unknown exec flag -s Would it make sense to ignore any leading hyphen when constructing the ProxyCommand from ProxyJump? % ssh -V OpenSSH_9.4p1, LibreSSL 3.3.6 -- Rob Leslie rob at mars.org
On Sat, 13 Jan 2024, Rob Leslie wrote:> Hello, > > On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this: > > login -pfq $USER /usr/bin/ssh $HOST > > Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?. > > If $HOST has a ProxyJump configuration, the resulting ProxyCommand is: > > -ssh -W '[%h]:%p' $JUMP_HOST > > Because of the leading hyphen, this fails to execute. If the user?s shell is zsh, the Terminal window shows: > > zsh:1: unknown exec flag -s > > Would it make sense to ignore any leading hyphen when constructing the ProxyCommand from ProxyJump? > > % ssh -V > OpenSSH_9.4p1, LibreSSL 3.3.6This sounds more like a problem in OSX Terminal.app than ssh. We could do something like this: diff --git a/ssh.c b/ssh.c index 48d93ddf2..7cd498f84 100644 --- a/ssh.c +++ b/ssh.c @@ -1313,7 +1313,7 @@ main(int ac, char **av) * Try to use SSH indicated by argv[0], but fall back to * "ssh" if it appears unavailable. */ - if (strchr(argv0, '/') != NULL && access(argv0, X_OK) != 0) + if (access(argv0, X_OK) != 0) sshbin = "ssh"; /* Consistency check */
Hello Rob, Rob Leslie wrote:> Hello, > > On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this: > > login -pfq $USER /usr/bin/ssh $HOSTIs there a way to start non-login session?> Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?. > > [snip]Regards, Roumen Petrov -- Advanced secure shell implementation with X.509 certificate support http://roumenpetrov.info/secsh/
Reasonably Related Threads
- ProxyJump may construct erroneous ProxyCommand
- Host key verification (known_hosts) with ProxyJump/ProxyCommand
- Host key verification (known_hosts) with ProxyJump/ProxyCommand
- Host key verification (known_hosts) with ProxyJump/ProxyCommand
- Feature request: ProxyJump with Unix sockets