Displaying 20 results from an estimated 27 matches for "oproxycommand".
Did you mean:
proxycommand
2015 Oct 16
3
Is there any solution, or even work on, limiting which keys gets forwarded where?
On Thu, Oct 15, 2015 at 04:15:03PM -0400, Daniel Kahn Gillmor wrote:
> if the intermediary machine (the "jumphost") is jumphost.example, and
> you are trying to reach bar.example.com (which is behind the firewall),
> you would do:
> ssh -oProxyCommand='ssh jumphost.example -W %h:%p' bar.example.com
We use jump host, but there are literally hundreds of hosts behind it.
And since I often need to run things on multiple hosts, I ssh to jump
host, start tmux session, and ssh from there wherever I need.
Not to mention that in case like above...
2001 Aug 15
1
ProxyCommand broken in SNAP-20010814
For some odd reason, one line was removed from the handling of
ProxyCommand in readconf.c. As a result, ssh crashes on strlen(string)
when it parses this option.
--- readconf.c:X Mon Aug 6 23:35:52 2001
+++ readconf.c Wed Aug 15 16:11:44 2001
@@ -475,6 +475,7 @@
case oProxyCommand:
charptr = &options->proxy_command;
+ string = xstrdup("");
while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
string = xrealloc(string, strlen(string) + strlen(arg) + 2); strcat(string, " ");
--Pavel Kankovsky aka Peak [ Boycott Mi...
2015 Oct 20
3
Is there any solution, or even work on, limiting which keys gets forwarded where?
...15 at 04:15:03PM -0400, Daniel Kahn Gillmor wrote:
> >>> if the intermediary machine (the "jumphost") is jumphost.example, and
> >>> you are trying to reach bar.example.com (which is behind the firewall),
> >>> you would do:
> >>> ssh -oProxyCommand='ssh jumphost.example -W %h:%p' bar.example.com
> >We use jump host, but there are literally hundreds of hosts behind it.
> >And since I often need to run things on multiple hosts, I ssh to jump
> >host, start tmux session, and ssh from there wherever I need.
> You can...
2004 Aug 26
2
OpenSSH PATCH: OpenCommand and CloseCommand
...ision 25)
+++ openssh-3.8p1/readconf.c (revision 25)
@@ -93,7 +93,8 @@
oPasswordAuthentication, oRSAAuthentication,
oChallengeResponseAuthentication, oXAuthLocation,
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
- oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
+ oUser, oHost, oEscapeChar, oRhostsRSAAuthentication,
+ oOpenCommand, oCloseCommand, oProxyCommand,
oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
oCompressionLevel, oTCPKeepAlive, oNumberOfPasswordPrompts,
@@...
2015 Jul 05
2
How to ssh to a server via an intermediate server with X11 forwarding?
I tried the following command.
ssh -Y -t intermediate -- ssh -Y dest
But it shows the following error message. Does anybody know how to fix
the problem? Thanks.
X11 forwarding request failed on channel 0
--
Regards,
Peng
2015 Mar 19
0
[Bug 1604] SCTP support for openssh
...,6 +130,9 @@ typedef enum {
oPasswordAuthentication, oRSAAuthentication,
oChallengeResponseAuthentication, oXAuthLocation,
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward,
oLocalForward,
+#ifdef SCTP
+ oTransport,
+#endif
oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
@@ -198,6 +201,9 @@ static struct {
{ "hostname", oHostName },
{ "hostkeyalias", oHostKeyAlias },
{ "proxycommand"...
2003 Apr 02
3
[Bug 528] ProxyCommand none is sensitive to extra whitespace
...--
Summary|ProxyCommand none breaks ssh|ProxyCommand none is
| |sensitive to extra
| |whitespace
------- Additional Comments From mouring at eviladmin.org 2003-04-02 15:01 -------
$ ssh '-oProxyCommand none ' localhost
/bin/sh: none: not found
ssh_exchange_identification: Connection closed by remote host
$ ssh '-oProxyCommand none' localhost
Enter passphrase for key '/home/mouring/.ssh/id_rsa':
none works as suggested, but it sensitive to extra whitespaces. (summary
clarifi...
2007 Jan 16
0
patch to enable ssh use sock fd 3,4
...addr_in($bind_port, inet_aton $bind_addr)) || die "bind: $!";
listen($sfd,SOMAXCONN) || die "listen: $!";
accept (Cfd,$sfd);
close $sfd;
open 3,"<&Cfd";
open 4,"<&Cfd";
if(! grep fileno(Cfd) == $_,(3,4)) { close Cfd;}
exec {ssh} qw(ssh -D2085 -oProxyCommand=:socket: user at sshd_host);
So if you pass -oProxyCommand=:socket: to ssh it will not make a new child
but use those 2 fd.
diff -rNu openssh-4.5p1/sshconnect.c openssh-4.5p1-ssh-socket/sshconnect.c
--- openssh-4.5p1/sshconnect.c 2006-10-23 20:02:24.000000000 +0300
+++ openssh-4.5p1-ssh-socke...
2015 Jul 18
2
How to ssh to a server via an intermediate server with X11 forwarding?
...t mindrot.org> wrote:
> On Sat, 4 Jul 2015, Peng Yu wrote:
>
>> I tried the following command.
>>
>> ssh -Y -t intermediate -- ssh -Y dest
>>
>> But it shows the following error message. Does anybody know how to fix
>> the problem? Thanks.
>
> ssh -oProxyCommand="ssh -W %h:%p intermediate" -Y dest
>
> should work
Somehow, the above command works in some cases but not others (I still
see "X11 forwarding request failed on channel 0"). Do you know how to
debug for the cases that do not work? Thanks.
--
Regards,
Peng
2016 May 04
4
Dynamic Remote Port forward?
Hi folks,
I'm wondering if it is possible to set up a dynamic port forward (i.e.
socks proxy), where the listening socket is actually on the server rather
than the client as is currently the case for -D ?
A possible use case is providing a deeply firewalled box with an outbound
SOCKS proxy, but only while an inbound ssh connection is active.
Or, in my particular case, I have many routers
2002 Jul 17
2
[Patch] SSH through HTTP proxy using CONNECT
...openssh/readconf.c src/readconf.c
--- /usr/src/crypto/openssh/readconf.c Thu Sep 27 18:33:34 2001
+++ src/readconf.c Wed Jul 17 16:14:44 2002
@@ -108,6 +108,7 @@
#endif
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
+ oProxyServer, oProxyPort,
oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
@@ -158,6 +159,8 @@
{ "hostname", oHostName },
{ "hostkeya...
2000 Feb 04
0
Patch that allows equal sign in options
...@@
case oUser:
charptr = &options->user;
parse_string:
- cp = strtok(NULL, WHITESPACE);
+ cp = strtok(NULL, WHITESPACE_EQ);
if (!cp)
fatal("%.200s line %d: Missing argument.", filename, linenum);
if (*activep && *charptr == NULL)
@@ -400,7 +401,7 @@
case oProxyCommand:
charptr = &options->proxy_command;
string = xstrdup("");
- while ((cp = strtok(NULL, WHITESPACE)) != NULL) {
+ while ((cp = strtok(NULL, WHITESPACE_EQ)) != NULL) {
string = xrealloc(string, strlen(string) + strlen(cp) + 2);
strcat(string, " ");
strcat...
2015 Oct 15
4
Is there any solution, or even work on, limiting which keys gets forwarded where?
Hi,
I'm in a situation where I'm using multiple SSH keys, each to connect to
different set of servers.
I can't load/unload keys on demand, as I usually am connected to at
least 2 of such sets.
But - some rogue "root", could get access to my agent-forwarding socket,
and in turn, get access to keys loaded to agent (not in terms of
obtaining the key, but being able to use it
2008 Dec 12
4
Rsync via two ssh tunnels possible (standard method mentioned k times not possible?)
Hi list,
After reading rsync docu and doing online search, I still failed to find
a simple solution for following problem:
The goal is to sync two directories using rsync without running the
rsync daemon on one of the two hosts. The standard shell sync does not
work because of the network topology:
Ssh connect to SRC-Host
^
Base host (with ssh keys)
v
Ssh connect to bridge
2000 Nov 14
1
[PATCH] Added option 'RetryDelay'
...nssh-2.3.0p1-new/readconf.c
--- openssh-2.3.0p1/readconf.c Sat Oct 14 01:23:12 2000
+++ openssh-2.3.0p1-new/readconf.c Mon Nov 13 11:06:57 2000
@@ -98,7 +98,7 @@
#endif
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
- oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
+ oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oRetryDelay,
oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication,
oUs...
2001 May 01
1
connecting to non-responding hosts: 1 hr timeout (fwd)
Hello all,
If you try to make a TCP connection to a host, and the host is down,
timeouts can be as long as an hour. This is not specific to ssh, or OS.
Is this a scenario worth working around, e.g. with a timer when
connecting or the like?
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems.
2015 Jul 29
2
[PATCH] ssh: Add option to present certificates on command line
...onf.c
+++ b/readconf.c
@@ -135,6 +135,7 @@ typedef enum {
oPasswordAuthentication, oRSAAuthentication,
oChallengeResponseAuthentication, oXAuthLocation,
oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
+ oCertificateFile,
oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
@@ -202,6 +203,7 @@ static struct {
{ "identityfile", oIdentityFile },
{ "identityfile2", oIdentityFile }, /* obsolete */
{ "identit...
2001 Oct 11
0
[patch] option to prevent connection timeout
...n = select((*maxfdp)+1, *readsetp, *writesetp, NULL, NULL);
+ }
+ if (n < 0) {
char buf[100];
/*
--- openssh-2.9.9p2/readconf.c.orig Thu Sep 20 02:57:56 2001
+++ openssh-2.9.9p2/readconf.c Thu Oct 11 22:03:09 2001
@@ -109,7 +109,7 @@
oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
- oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
+ oCompressionLevel, oKeepAlives, oIdle, oNumberOfPasswordPrompts,
oUsePrivilegedPort, oLogLevel, oCiph...
2001 Sep 28
3
openssh-2.9p2, short hostnames
For systems where the local hostname is obtained as a short name without
domain, there should be a ssh_config option "DefaultDomain" as in ssh-3.x
from ssh.com.
For the server, there might be a corresponding option in order to strip
the domain name from the remote client name (if it matches the server's
DefaultDomain) for use in auth_rhost2, since netgroups usually contain
short
2001 Aug 24
2
[PATCH] SO_KEEPALIVE for port forwards
...", strerror(errno));
}
newch = channel_new(rtype,
nextstate, newsock, newsock, -1,
--- openssh-2.9p2/readconf.c.keepalivetunnel Tue Apr 17 11:11:37 2001
+++ openssh-2.9p2/readconf.c Thu Aug 23 15:42:37 2001
@@ -106,7 +106,7 @@
oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
- oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
+ oCompressionLevel, oKeepAlives, oKeepAlivesForward, oNumberOfPasswordPrompts,
oUsePrivilegedPort, oLo...