similar to: What is the ssh_config equivalent to this syntax involving multiple at signs

On 18.08.23 07:39, Darren Tucker wrote: > On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com> wrote: > [...] >> The crux of this is that we cannot assume the local IPv4 address is >> unique, since it's not (and in many cases, not even static). > > If the IP address is not significant, you can tell ssh to not record > them ("CheckHostIP

Hello, when I do: /opt/rsync/bin/rsync /etc/hosts targethost::bkp/ I get: cannot create .hosts.b0WX1x : File exists I check the targethost and I get empty file .hosts.b0WX1x When trying with other targethost-s it works, but on this one it doesn't. On the other targethosts I have exactly the same LinuX distribution, permissions and users than on the problem targethost. I have exactly the

raf wrote: > Warlich, Christof wrote: > > ... > > I want to be able to ssh to all internal hosts that live in the internal.sub.domain.net, > > i.e. that are only accessible through the internal.sub.domain.net jumphost without > > having to list each of these hosts somewhere, as they may frequently be added or > > removed from the internal domain and without being

Dear developers, The ProxyJump feature is nowadays implemented on the basis of a TCP port forwarding on the jumping host, isn't it? As a result, this is affected by a AllowTcpForwarding=no configuration on the jumping host. So, may I suggest a variant based on Unix sockets (such as -L or -R does). Nice idea, isn't it? Any volunteer to implement this? Best regards Christophe

Hi, When I execute *puppet agent --test --debug --verbose* on the target host, I receive the following error message: err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class pe_accounts for targethost on node targethost warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run I enabled debugging for the Puppet Master, and

On Tue, Oct 20, 2015 at 01:31:46AM +0200, ?ngel Gonz?lez wrote: > On 16/10/15 12:46, hubert depesz lubaczewski wrote: > >On Thu, Oct 15, 2015 at 04:15:03PM -0400, Daniel Kahn Gillmor wrote: > >>> if the intermediary machine (the "jumphost") is jumphost.example, and > >>> you are trying to reach bar.example.com (which is behind the firewall), >

On Thu, Oct 15, 2015 at 04:15:03PM -0400, Daniel Kahn Gillmor wrote: > if the intermediary machine (the "jumphost") is jumphost.example, and > you are trying to reach bar.example.com (which is behind the firewall), > you would do: > ssh -oProxyCommand='ssh jumphost.example -W %h:%p' bar.example.com We use jump host, but there are literally hundreds of hosts behind

I want to ssh from a client to a machine on a closed network via a jumphost; let's call them {client,internal,jumphost}.example.com. I have authpf set up on the jumphost so that when logged in, I am allowed to open TCP connections from the jumphost to port 22 on internal nodes. This works well with port forwarding: des at client ~% ssh -L2222:internal.example.com:22 jumphost.example.com

https://bugzilla.mindrot.org/show_bug.cgi?id=3057 Bug ID: 3057 Summary: Fork-bomb when misconfiguring a host to ProxyJump onto itself Product: Portable OpenSSH Version: 7.9p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh

Hi! as I just noted, after scp the connection does not shut down properly. When I do a "scp file targethost:path", on targethost a "sshd" process is left running. I do use --with-default-path="/usr/local/openssh/bin:/usr/bin:/usr/local/bin" to assure, that the corrensponding openssh-scp is used. It also seems, that normal sessions are not always closed properly.

On 18/8/23 18:37, Jochen Bern wrote: > On 18.08.23 07:39, Darren Tucker wrote: >> On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com> >> wrote: >> [...] >>> The crux of this is that we cannot assume the local IPv4 address is >>> unique, since it's not (and in many cases, not even static). >> >> If the IP address is

Hi All I have a requirement to consume a 3rd party web service from my Rails application. I am doing this in my action require ''soap/wsdlDriver'' factory = SOAP::WSDLDriverFactory.new(TRANSIDIOM_WSDL_URL) soap = factory.create_rpc_driver soap.wiredump_file_base="#{RAILS_ROOT}/log/transidiom.log" param = %(<Request

Good morning! We're experiencing rather very bad latency spikes on busy Linux systems, for example if one machine is the jumphost (ssh -J) for a few hundred connections, while at the same time handles CPU intensive tasks. Would RT/Linux SCHED_FIXED or SCHED_RR be of help in such a case, e.g. put all ssh processes into the SCHED_FIXED scheduling class, with a priority higher than the

Hi, Software in use: OpenSSH-Version: 4.5p1 OpenSSL-Version: 0.98d zlib-Version: 1.2.3 OS-Platform: AIX 5.3 ML4 Problem: when issuing following command on an AIX host: $ ssh -2 -n -f -x -L6666:localhost:6666 -o BatchMode=yes targethost sleep 500000 $ exit the shell is waiting for the finish of issued command (sleep). The expected behaviour of above command should be, that the shell would

On 03Nov2017 13:07, Damien Miller <djm at mindrot.org> wrote: >On Fri, 3 Nov 2017, Cameron Simpson wrote: >> TL;DR: I expect ProxyCommand to have effect in preference to >> ControlPath. [...] >> On reflection, of course these are distinct options and that side of >> things isn't, of itself, a bug. However, is there a sane use case for >> using

On Tue, Jan 21, 2020 at 11:08:51AM +1100, Damien Miller wrote: > So IMO disallowing session multiplexing is at most a speedbump that an > attacker will cross with relative ease. Speedbumps make sense sometimes, An attacker getting root on the jumphost gets immediate control of any _current_ persistent connections and new connections. Without ControlMaster it's a _lot_ harder to take

On Thu, 10 Aug 2023, Cedric Blancher wrote: >We're experiencing rather very bad latency spikes on busy Linux >systems, for example if one machine is the jumphost (ssh -J) for a few >hundred connections, while at the same time handles CPU intensive >tasks. > >Would RT/Linux SCHED_FIXED or SCHED_RR be of help in such a case, e.g. Did you already check the old and tried method

https://bugzilla.mindrot.org/show_bug.cgi?id=3555 Bug ID: 3555 Summary: ForwardAgent doesn't work under Match canonical Product: Portable OpenSSH Version: 8.4p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=3643 Bug ID: 3643 Summary: order_hostkeyalgs can't find host-key in KnownHostsCommand if it contains port Product: Portable OpenSSH Version: 9.5p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5

Open-SSH'ers, I just noticed that ssh doesn't parse hosts.equiv the same as rsh. I set up an usertest user on targethost, and then su'ed to usertest on sourcehost. I put this in targethost's /etc/hosts.equiv + -usertest + at trusted-hosts (all hosts are rolled up into this netgroup) this should disallow usertest from rsh'ing into targethost from all hosts, but