similar to: Waiting until tunnel (ssh -w) is set up before running command

It would be useful to allow matching HostName entries against Host entries. That's to say, I would find it very convenient to have an ssh_config like: Host zeus HostName zeus.greek.gods User hades Host hera HostName hera.greek.gods # [ ... ] Host *.greek.gods User poseidon UserKnownHostsFile ~/.ssh/known_hosts.d/athens # [ Default settings for *.greek.gods ] where I

This provides a mechanism to attach arbitrary configure options into the ssh_config file and use them from the LocalCommand and ProxyCommand. Examples: # set FOO to foo LocalEnvMod FOO = foo # append bar to FOO with default separator "," LocalEnvMod FOO += bar # unset FOO LocalEnvMod FOO = # append foo to BAR with separator ":", if BAR is empty

Hi guys, I've made a patch adding LocalPreCommand to ssh_config. It mimics behaviour of LocalCommand, but is executed right before the connection is opened. This makes possible e.g. to integrate ssh with port knocking. It also removes "-oPermitLocalCommand=no" from scp allowing the same functionality to be used for file transfers. Applies cleanly on vanilla OpenSSH 6.7p1.

Hi, I'm working on a tool for persistent terminal sessions that works much like tmux, and I would like to be able to make it so that people can set things up so that when they ssh onto a remote host, they automatically connect to a persistent session based on the local terminal they are connecting from. The idea would be that users can just type `ssh my-host` if their connection drops and

Hi, (I'm not subscribed to the list, so please CC me on reply.) I'd like to request adding a feature to OpenSSH: Task: ~~~~~ It is quite sometime useful to invoke a program prior to connecting to an ssh server. The most common use case will probably be port knocking. That is a small program sends certain packets to a server and the server reacts to this by unlocking the ssh port, which

http://bugzilla.mindrot.org/show_bug.cgi?id=1232 Summary: "LocalCommand" is executed before "Tunnel" is set up Product: Portable OpenSSH Version: 4.3p2 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1766 Summary: ssh should provide the current session configuration to subprocesses it invokes (via the environment?) Product: Portable OpenSSH Version: 5.5p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2

I've setup a lab to test the new tunneling options in the latest openssh. Things work well... for a while... then the tunnel goes unidirectional. openssh-SNAP-20060122.tar.gz lab1 config: # uname -a FreeBSD lab1 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Fri Jan 13 13:01:17 EST 2006 root@:/usr/src/sys/i386/compile/SMP i386 # cat /etc/sysctl.conf | egrep -v '(^#|^$)'

/-----------------------\ | | |eth0 |eth0 |-------| |-------| | |eth1 eth1 | | -------- A |____ _______| B |----- | | \ / | | --------| | | --------| | | | |

Dear list, I am having a problem with openvpn. I have the following arrangement, running two instances of openvpn on "home fw". I want to protect my WLAN in back of the home fw and that works fine. I can see "Peer connection initiated with 192.168.1.3:5000" in daemon.log on homefw. Nothing gets initiated with officefw, nor can I ping the other end of the tunnel at officefw.

https://bugzilla.mindrot.org/show_bug.cgi?id=2273 Bug ID: 2273 Summary: The group of the tunnel device needs to match with the group of the connecting ssh user Product: Portable OpenSSH Version: 6.6p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5

Greetings xen gurus... I''m working with xen-3.0-testing downloaded on July 3, 2006. I have configured an hvm domain and want to use vif-route and network-route to configure the communication. The domU starts up fine. I was able to complete the installation of the OS (RHES3) and can restart the domain repeatedly. However, I cannot ping the network interface from dom0 using the

Hi! I hope this list a good place for my question - I've googled for it first, but I didn't find any answers. I'm trying to use the new ssh IP tunnel feature to get a secure access to my machine at work, which is behind a firewall/NAT but it has a ssh port in outbound direction open. The problem is that the tunnel freezes occasionally, mostly in one direction only. The freeze

https://bugzilla.mindrot.org/show_bug.cgi?id=2272 Bug ID: 2272 Summary: Global "PermitTunnel Yes" required to connect to a tunnel Product: Portable OpenSSH Version: 6.6p1 Hardware: amd64 OS: Linux Status: NEW Severity: major Priority: P5 Component: sshd

Hi all, I have set up a working OpenVPN2 connection between my Server and my gateway at home. Now I want all traffic to be routed through this VPN connection. Currently everything is going through eth1 to the internet (to the gateway of the University which forwards it to the internet :-). We must use a prox-server and because of this I am not abel to watch the real-Media streams on

the fact that ssh insists on tap* and tun* tun/tap-device-names is a real nag and prevents from nice and easy solutions in some cases. the channel type used for tun/tap forwarding is tun at openssh.com, and it defines the remote tunnel id to be integer. so from what i understood these packet definitions are static per channel type, so for compatiblity the tun at openssh.com type has to stay,

Hi list, I use ssh a lot and I often need to connect to hosts whose host key has changed. If a host key of the remote host changes ssh terminates and the user has to manually delete the offending host key from known_hosts. I had to do this so many times that I no longer like the idea ;-) I would really like ssh to ask me if the new host key is OK and if I want to add it to known_hosts. I talked

I've been testing tunneling on Linux with openssh-SNAP-20060116.tar.gz and found a problem. When I use LocalCommand for doing ifconfig stuff, the command line was executed before a tunneling interface is opened. This causes errors on Linux and the interface is not automatically set up. This is not a problem on *BSD because you can do ifconfig for unopened tun/tap interfaces. But in Linux,

I was trying the following setup with IPIP tunnels, one that used to work through another ISP, but no longer... Internal network | Linux box 1 (kernel 2.2.24) iif=10.0.0.1, extf=a.b.c.d, tunf=172.16.0.1 | |local metropolitan network | Another Linux box 2 (kernel 2.2.17, or 2.4.19, same result) iif=irrelevant, extf=x.y.z.v,

After the commit titled "expand %h to the hostname in ssh_config Hostname options" (2010-07-16), %n always got the same value as %h in the LocalCommand config option. Fix this and add a regression test. --- regress/Makefile | 6 ++++-- regress/host-expand.sh | 18 ++++++++++++++++++ ssh.c | 6 ++++-- 3 files changed, 26 insertions(+), 4 deletions(-) diff