similar to: ssh could have a grace period a la sudo

Hi, (I'm not subscribed to the list, so please CC me on reply.) I'd like to request adding a feature to OpenSSH: Task: ~~~~~ It is quite sometime useful to invoke a program prior to connecting to an ssh server. The most common use case will probably be port knocking. That is a small program sends certain packets to a server and the server reacts to this by unlocking the ssh port, which

A few options appear to be missing from the list in ssh's manual. The one I didn't add is EnableSSHKeysign, whose description implies it is only effective when placed in the system-wide config file. Index: ssh.1 =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh.1,v retrieving revision 1.319 diff -u -p -r1.319 ssh.1 --- ssh.1 7 May 2011

TL;DR: I expect ProxyCommand to have effect in preference to ControlPath. I've just tripped over this one. I have an ssh Host (let us call it "MAIN") with a ControlPath and with ControlMaster=no, from the .ssh/config file. I also have a shell script whose purpose is to hop to a remote host through a port forward, which uses the ProxyCommand option like this: ProxyCommand ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=2621 Bug ID: 2621 Summary: ControlMaster started by scp (non-ssh?) doesn't forward agent Product: Portable OpenSSH Version: 7.3p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: Miscellaneous

https://bugzilla.mindrot.org/show_bug.cgi?id=1280 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Blocks| |1452 --- Comment #1 from Damien Miller

This allows me to set 'ControlPath ~/.ssh/sockets/%h.%p.%u' for example. Have I missed a good reason why ssh_connect finds the default port number for itself instead of just having it in options.port (like we do for the the default in options.user)? --- openssh-4.1p1/ssh.c~ 2005-06-12 09:47:18.000000000 +0100 +++ openssh-4.1p1/ssh.c 2005-06-12 09:40:53.000000000 +0100 @@ -604,6 +604,17

It has always bugged me that if I want to use a shell and perform some file transfers in a single host I have to take two SSH connections: one for the shell via ssh(1) and one for the file transfer via sftp(1). Some graphical SSH clients can perform sftp operations and ssh shell access in a single connection by using SSH2 protocol's support for multiple channels. So I hacked my openssh client

Hi guys, I've made a patch adding LocalPreCommand to ssh_config. It mimics behaviour of LocalCommand, but is executed right before the connection is opened. This makes possible e.g. to integrate ssh with port knocking. It also removes "-oPermitLocalCommand=no" from scp allowing the same functionality to be used for file transfers. Applies cleanly on vanilla OpenSSH 6.7p1.

Hello All-- First, thanks for ControlPath/ControlMaster. It's very handy, and ControlMaster=autoask is just what i wanted! I'm having difficulty with a common use case, however. I want to LocalForward on secondary connections using an already-established ControlPath. From what i can tell, the second ssh connection doesn't report any errors, but silently ignores the supplied

Packing the data in TERM is a great idea! I?ll see what I can do with that. >> Finally, some administrative notes: I wasn't able to sign up for this >> mailing list at >> https://lists.mindrot.org/mailman/subscribe/openssh-unix-dev because >> attempts to do so were met by a "Bug in Mailman version 2.1.39" page. > > I just tried that and didn't get

While it's real handy to have "ControlMaster auto" to have multiple sessions get muxed into one, sometimes it's really helpful to _not_ use the same session (e.g. if you want to ssh -2fNR). It'd be quite nice if there were a flag to tell openssh to not mux the new connection at all - i.e. what "ssh -o ControlPath=none" does. (The 'obvious' invocation `ssh

Hi there, okay so I have a port knocker installed on my remote server so I am trying to bundle a bunch of directories in a single ssh session that rsync establishes. so far all the rsync examples I have seen require a new ssh session for each directory. is there anyway to get something like this into one line and therefore one ssh session. Clues on this? --- snip --- /usr/bin/rsync -avrz

Hi, It seems there is a problem regarding ControlMaster and scp'ing a file depending on the current working directory: $ cd ~/Personnel $ scp -o ControlMaster=yes cox.jpg host.local: muxserver_listen bind(): No such file or directory lost connection $ scp -o ControlMaster=no cox.jpg host.local: cox.jpg 100% 222KB 222.1KB/s 00:00 $ cd $ scp -o

Hi, Not sure if this anyone else is interested in this but to me it seems to make sense to use different control session multiplexer sockets for bulk and interactive workloads. Index: auth.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth.c,v retrieving revision 1.94 diff -u -p -r1.94 auth.c --- auth.c 23 May 2011 03:33:38 -0000 1.94 +++

https://bugzilla.mindrot.org/show_bug.cgi?id=1594 Summary: please add an option to print the pid of -f backgrounded process Product: Portable OpenSSH Version: 5.2p1 Platform: Other OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=2348 Bug ID: 2348 Summary: allow ssh to connect to a unix domain socket Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at

Hi, A user has noticed that X11 forwarding does not appear to work when using session multiplexing. It seems that the DISPLAY environment variable is not getting set in the slave sessions. Any thought? The ~/.ssh/config ib below. Host somehost-master ControlMaster yes ControlPath ~/.ssh/somehost.sock HostbasedAuthentication no HostName somehost Host somehost-slave ControlPath

I use ControlMaster auto (along with ControlPath) in my ssh config and find it very handy. I have noticed an annoying behavior, though: it seems that if there is no existing master connection and ssh creates a new one, the master connection process that is started has its stderr left open. This has manifested itself in two ways so far: (1) When using ssh day-to-day, I may be doing some work and

Dear ssh gurus, Here's the version I'm testing on : flavien :/$ ssh -V OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009 I launch a remote command : flavien$ ssh -o ControlMaster=yes -o ControlPath=/tmp/ssh-control localhost 'echo pid:$$ ...sleeping...; sleep 2803' flavien at localhost's password: pid:11565 ...sleeping... On another shell, I

Numerous how-tos all over the Internet show how one would set up a tunnel using ssh, e.g.: ssh -f -o Tunnel=ethernet <server_ip> true I was wondering if there's a way to subsequently acquire the names of the local and remote tun/tap interfaces (e.g., using the default "-w any:any") for subsequent automatic tunnel configuration, e.g.: ip link set $TapDev up ip link set