Displaying 20 results from an estimated 1000 matches similar to: "What is the ssh_config equivalent to this syntax involving multiple at signs"
2023 Aug 18
2
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On 18.08.23 07:39, Darren Tucker wrote:
> On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com> wrote:
> [...]
>> The crux of this is that we cannot assume the local IPv4 address is
>> unique, since it's not (and in many cases, not even static).
>
> If the IP address is not significant, you can tell ssh to not record
> them ("CheckHostIP
2001 Nov 29
1
cannot create .hosts.b0WX1x : File exists
Hello,
when I do:
/opt/rsync/bin/rsync /etc/hosts targethost::bkp/
I get:
cannot create .hosts.b0WX1x : File exists
I check the targethost and I get empty file .hosts.b0WX1x
When trying with other targethost-s it works, but on this one it doesn't.
On the other targethosts I have exactly the same LinuX distribution,
permissions and users than on the problem targethost.
I have exactly the
2020 May 20
7
CanonicalHostname and ssh connections through a jumphost
raf wrote:
> Warlich, Christof wrote:
> > ...
> > I want to be able to ssh to all internal hosts that live in the internal.sub.domain.net,
> > i.e. that are only accessible through the internal.sub.domain.net jumphost without
> > having to list each of these hosts somewhere, as they may frequently be added or
> > removed from the internal domain and without being
2020 Apr 17
2
Feature request: ProxyJump with Unix sockets
Dear developers,
The ProxyJump feature is nowadays implemented on the basis of a TCP port forwarding on the jumping host, isn't it?
As a result, this is affected by a AllowTcpForwarding=no configuration on the jumping host.
So, may I suggest a variant based on Unix sockets (such as -L or -R does).
Nice idea, isn't it?
Any volunteer to implement this?
Best regards
Christophe
2012 Jun 05
7
Not using expired node for targethost from cache; expired
Hi,
When I execute *puppet agent --test --debug --verbose* on the target host,
I receive the following error message:
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Could not find class pe_accounts for targethost on node targethost
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
I enabled debugging for the Puppet Master, and
2015 Oct 20
3
Is there any solution, or even work on, limiting which keys gets forwarded where?
On Tue, Oct 20, 2015 at 01:31:46AM +0200, ?ngel Gonz?lez wrote:
> On 16/10/15 12:46, hubert depesz lubaczewski wrote:
> >On Thu, Oct 15, 2015 at 04:15:03PM -0400, Daniel Kahn Gillmor wrote:
> >>> if the intermediary machine (the "jumphost") is jumphost.example, and
> >>> you are trying to reach bar.example.com (which is behind the firewall),
>
2015 Oct 16
3
Is there any solution, or even work on, limiting which keys gets forwarded where?
On Thu, Oct 15, 2015 at 04:15:03PM -0400, Daniel Kahn Gillmor wrote:
> if the intermediary machine (the "jumphost") is jumphost.example, and
> you are trying to reach bar.example.com (which is behind the firewall),
> you would do:
> ssh -oProxyCommand='ssh jumphost.example -W %h:%p' bar.example.com
We use jump host, but there are literally hundreds of hosts behind
2013 Jul 05
2
Trouble with -W
I want to ssh from a client to a machine on a closed network via a
jumphost; let's call them {client,internal,jumphost}.example.com. I
have authpf set up on the jumphost so that when logged in, I am allowed
to open TCP connections from the jumphost to port 22 on internal nodes.
This works well with port forwarding:
des at client ~% ssh -L2222:internal.example.com:22 jumphost.example.com
2019 Aug 14
10
[Bug 3057] New: Fork-bomb when misconfiguring a host to ProxyJump onto itself
https://bugzilla.mindrot.org/show_bug.cgi?id=3057
Bug ID: 3057
Summary: Fork-bomb when misconfiguring a host to ProxyJump onto
itself
Product: Portable OpenSSH
Version: 7.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
2000 Jul 18
5
scp not shutting down in 2.1.1p4
Hi!
as I just noted, after scp the connection does not shut down properly.
When I do a "scp file targethost:path", on targethost a "sshd" process is
left running. I do use
--with-default-path="/usr/local/openssh/bin:/usr/bin:/usr/local/bin"
to assure, that the corrensponding openssh-scp is used.
It also seems, that normal sessions are not always closed properly.
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On 18/8/23 18:37, Jochen Bern wrote:
> On 18.08.23 07:39, Darren Tucker wrote:
>> On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com>
>> wrote:
>> [...]
>>> The crux of this is that we cannot assume the local IPv4 address is
>>> unique, since it's not (and in many cases, not even static).
>>
>> If the IP address is
2006 Aug 07
5
Store SOAP::RPC::Driver in user session throws TypeError
Hi All
I have a
requirement to consume a 3rd party web service from my Rails
application. I am doing this
in my action
require ''soap/wsdlDriver''
factory = SOAP::WSDLDriverFactory.new(TRANSIDIOM_WSDL_URL)
soap = factory.create_rpc_driver
soap.wiredump_file_base="#{RAILS_ROOT}/log/transidiom.log"
param = %(<Request
2023 Aug 10
4
RT/Linux SCHED_RR/_FIXED to combat latency?
Good morning!
We're experiencing rather very bad latency spikes on busy Linux
systems, for example if one machine is the jumphost (ssh -J) for a few
hundred connections, while at the same time handles CPU intensive
tasks.
Would RT/Linux SCHED_FIXED or SCHED_RR be of help in such a case, e.g.
put all ssh processes into the SCHED_FIXED scheduling class, with a
priority higher than the
2006 Nov 24
1
fail to exit shell after issuing 'ssh -f .... targethost.foo.bar sleep 500000'
Hi,
Software in use:
OpenSSH-Version: 4.5p1
OpenSSL-Version: 0.98d
zlib-Version: 1.2.3
OS-Platform: AIX 5.3 ML4
Problem:
when issuing following command on an AIX host:
$ ssh -2 -n -f -x -L6666:localhost:6666 -o BatchMode=yes targethost sleep
500000
$ exit
the shell is waiting for the finish of issued command (sleep).
The expected behaviour of above command should be, that the shell would
2017 Nov 03
2
ControlPath versus ProxyCommand
On 03Nov2017 13:07, Damien Miller <djm at mindrot.org> wrote:
>On Fri, 3 Nov 2017, Cameron Simpson wrote:
>> TL;DR: I expect ProxyCommand to have effect in preference to
>> ControlPath.
[...]
>> On reflection, of course these are distinct options and that side of
>> things isn't, of itself, a bug. However, is there a sane use case for
>> using
2020 Jan 21
2
Security implications of using ControlMaster
On Tue, Jan 21, 2020 at 11:08:51AM +1100, Damien Miller wrote:
> So IMO disallowing session multiplexing is at most a speedbump that an
> attacker will cross with relative ease. Speedbumps make sense sometimes,
An attacker getting root on the jumphost gets immediate control of
any _current_ persistent connections and new connections. Without
ControlMaster it's a _lot_ harder to take
2023 Aug 10
1
RT/Linux SCHED_RR/_FIXED to combat latency?
On Thu, 10 Aug 2023, Cedric Blancher wrote:
>We're experiencing rather very bad latency spikes on busy Linux
>systems, for example if one machine is the jumphost (ssh -J) for a few
>hundred connections, while at the same time handles CPU intensive
>tasks.
>
>Would RT/Linux SCHED_FIXED or SCHED_RR be of help in such a case, e.g.
Did you already check the old and tried method
2023 Apr 01
1
[Bug 3555] New: ForwardAgent doesn't work under Match canonical
https://bugzilla.mindrot.org/show_bug.cgi?id=3555
Bug ID: 3555
Summary: ForwardAgent doesn't work under Match canonical
Product: Portable OpenSSH
Version: 8.4p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs at
2023 Dec 12
4
[Bug 3643] New: order_hostkeyalgs can't find host-key in KnownHostsCommand if it contains port
https://bugzilla.mindrot.org/show_bug.cgi?id=3643
Bug ID: 3643
Summary: order_hostkeyalgs can't find host-key in
KnownHostsCommand if it contains port
Product: Portable OpenSSH
Version: 9.5p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
2005 Feb 22
0
Possible bug in openssh parsing of hosts.equiv for netgroups?
Open-SSH'ers,
I just noticed that ssh doesn't parse hosts.equiv the same as rsh.
I set up an usertest user on targethost, and then su'ed to usertest
on sourcehost. I put this in targethost's /etc/hosts.equiv
+ -usertest
+ at trusted-hosts (all hosts are rolled up into this netgroup)
this should disallow usertest from rsh'ing into targethost from all
hosts, but