similar to: [openssh-dev]: disable ProxyCommand from being used?

Displaying 20 results from an estimated 10000 matches similar to: "[openssh-dev]: disable ProxyCommand from being used?"

2002 Sep 26
1
Question regarding patch for ProxyCommand setting
Hi! I recently started using ProxyCommand and noticed that it's not possible to specify a "none" value for it. I've already written a patch for that, but wanted to discuss the issue before posting the patch. The problem is the following: I'd like to use a ProxyCommand by default, but exclude some hosts. But as soon as I have Host * ProxyCommand /some/proxy/command %h %p
2010 Nov 08
1
How to explicitly define the default setting for ProxyCommand for a particular host
I would like to create an ssh_config file with two basic groups of settings: A default "Host *" settings group with: Proxycommand=/my/helper/binary %h %p And another specific "Host specialServer" settings group with ProxyCommand= or ProxyCommand='' And yes, my current ssh_config file is setup in the correct order with the "Host *" declaration last. Host
2017 Nov 03
2
ControlPath versus ProxyCommand
TL;DR: I expect ProxyCommand to have effect in preference to ControlPath. I've just tripped over this one. I have an ssh Host (let us call it "MAIN") with a ControlPath and with ControlMaster=no, from the .ssh/config file. I also have a shell script whose purpose is to hop to a remote host through a port forward, which uses the ProxyCommand option like this: ProxyCommand ssh
2013 Jun 20
1
ProxyCommand that returns a socket
Hello, My usage of ProxyCommand just calls the nc utility with various parameters. That in turn after the initial setup just copies copies the data from the network socket to stdin/stdout. This useless coping can be avoided if ssh has an option to receive the socket from the proxy command. I suppose it can improve network error reporting as ssh would talk directly to the network socket rather
2011 May 02
12
[Bug 1898] New: possible unreasonable behaviour when using ProxyCommand with multiple IdentityFile(s)
https://bugzilla.mindrot.org/show_bug.cgi?id=1898 Summary: possible unreasonable behaviour when using ProxyCommand with multiple IdentityFile(s) Product: Portable OpenSSH Version: 5.8p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous
2020 Jun 01
2
[Bug 3175] New: ssh_config(5) - ProxyCommand should explain semantics
https://bugzilla.mindrot.org/show_bug.cgi?id=3175 Bug ID: 3175 Summary: ssh_config(5) - ProxyCommand should explain semantics Product: Portable OpenSSH Version: 8.3p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee:
2017 Nov 03
2
ControlPath versus ProxyCommand
On 03Nov2017 13:07, Damien Miller <djm at mindrot.org> wrote: >On Fri, 3 Nov 2017, Cameron Simpson wrote: >> TL;DR: I expect ProxyCommand to have effect in preference to >> ControlPath. [...] >> On reflection, of course these are distinct options and that side of >> things isn't, of itself, a bug. However, is there a sane use case for >> using
2017 Apr 07
2
[Bug 2706] New: remote code execution via ProxyCommand+browser exploit
https://bugzilla.mindrot.org/show_bug.cgi?id=2706 Bug ID: 2706 Summary: remote code execution via ProxyCommand+browser exploit Product: Portable OpenSSH Version: 7.4p1 Hardware: All OS: Mac OS X Status: NEW Severity: security Priority: P5 Component: ssh Assignee:
2017 Nov 10
3
ProxyCommand that creates identity file
Hi there, I'm working on a project to write a ProxyCommand that reaches out to an SSH CA to receive an SSH certificate prior to the connection. The ProxyCommand also creates a tunnel to the upstream SSH server. When using ProxyCommand alone, the issue is that the identity files are loaded as soon as SSH has fork/exec'd the process. It does not wait for a valid server negotiation. I
2003 Mar 17
1
ProxyCommand
Hi all, I tried to use the ProxyCommand option in the ~/.ssh/config file like ProxyCommand /usr/local/bin/corkscrew <firewall> 80 %h %p but it seems th me that the ssh clinet won't use the option .. How can I tell the client to accept the proxy an send all requests to this host, bcause the internet names ("%P") cannot be resolved inside our lan - this must do the proxy.
2009 Sep 11
1
ProxyCommand not working if $SHELL not defined
#ssh -V OpenSSH_5.1p1, OpenSSL 0.9.8i 15 Sep 2008 Probably is not a real issue, because everyone should have its SHELL var defined, but as said above, when it's not, ssh with ProxyCommand will fail. I use connect.c, but with no SHELL var defined is not executed, ssh -v will give "No such file", and I'm pretty sure it refers to the shell, I read in ChangeLog that now ProxyCommand
2024 Jan 14
2
ProxyJump may construct erroneous ProxyCommand
On Sat, 13 Jan 2024, Rob Leslie wrote: > Hello, > > On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this: > > login -pfq $USER /usr/bin/ssh $HOST > > Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?. > > If $HOST has a ProxyJump configuration, the resulting ProxyCommand is: > > -ssh -W '[%h]:%p'
2024 Nov 12
2
[Bug 3751] New: ssh fails to parse ProxyCommand option with a string that ends in a backslash
https://bugzilla.mindrot.org/show_bug.cgi?id=3751 Bug ID: 3751 Summary: ssh fails to parse ProxyCommand option with a string that ends in a backslash Product: Portable OpenSSH Version: 8.7p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5
2014 Mar 23
1
ProxyCommand as both a resolver and connector
I see that the hostname canonicalization configuration options is still rather limited. As that works on DNS level they are of not use if one has to use ProxyCommand to connect over a proxy connection or through a common gateway name where one uses different port numbers to connect to different intranet names. What would be ideal is to extend the ProxyCommand to both return the resolved universal
2024 Jan 14
2
ProxyJump may construct erroneous ProxyCommand
Hello, On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this: login -pfq $USER /usr/bin/ssh $HOST Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?. If $HOST has a ProxyJump configuration, the resulting ProxyCommand is: -ssh -W '[%h]:%p' $JUMP_HOST Because of the leading hyphen, this fails to execute. If the user?s shell is zsh, the
2005 Nov 11
2
[Bug 1118] Annoying "Killed by signal 1" message with ProxyCommand
http://bugzilla.mindrot.org/show_bug.cgi?id=1118 Summary: Annoying "Killed by signal 1" message with ProxyCommand Product: Portable OpenSSH Version: 4.2p1 Platform: Other OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org
2013 Oct 23
1
ProxyCommand brokent in recent snapshots
Hello, While testing recent snapshots (20131023 and 20131024) I encountered a problem with ProxyCommand. The regression tests all passed, but the use of ProxyCommand's in my ~/.ssh/config resulted in name resolution errors; even if CanonicalizeHostname was explicitly set to "no." The patch included inline below fixed the issue: Index: ssh.c
2002 Sep 30
2
[PATCH] Allow "ProxyCommand none" in ssh_config
Hi! As discussed in the thread "Question regarding patch for ProxyCommand setting". The patch is rather straight forward; maybe it would be a good idea to improve it in a way that it uses a list of string options that may have a "none" value to reset it to NULL. Ciao Thomas -------------- next part -------------- Index: readconf.c
2002 Apr 17
1
ProxyCommand commands don't exit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've noticed that when I use ProxyCommand commands to connect, the commands do not exit when ssh exits. This results in a bunch of commands piling up on the machine over time. I experimented with four machines: linux-2.2.19+patches, openssh-3.0.1p1 linux-2.2.14+patches, openssh-3.0.1p1 freebsd-4.5-stable, openssh-2.9 localisations 20020307
2004 May 12
1
ssh-keyscan not using ProxyCommand?
I have a network without a network connection to other networks. But a socks server is dual homed between it and other networks. I can use socks to ssh to other networks. I use ProxyCommand with the socks aware connect.c program to connect out. All works great. I discovered while trying to use the ssh-keyscan program that it does not use the ProxyCommand configuration. At least in my testing