Displaying 20 results from an estimated 20000 matches similar to: "[Bug 3186] New: ProxyJump should include IdentityFile when specified"
2023 May 12
0
[Bug 3570] New: Add substitution token for explicitly selected IdentityFile for ControlPath selection
https://bugzilla.mindrot.org/show_bug.cgi?id=3570
Bug ID: 3570
Summary: Add substitution token for explicitly selected
IdentityFile for ControlPath selection
Product: Portable OpenSSH
Version: 9.3p1
Hardware: All
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
2017 Jul 12
3
[Bug 2744] New: ProxyJump causes "Killed by signal 1" to be printed in terminal.
https://bugzilla.mindrot.org/show_bug.cgi?id=2744
Bug ID: 2744
Summary: ProxyJump causes "Killed by signal 1" to be printed in
terminal.
Product: Portable OpenSSH
Version: 7.5p1
Hardware: Other
OS: Linux
Status: NEW
Severity: trivial
Priority: P5
Component:
2020 May 11
0
[Bug 3163] New: teach ssh-keyscan to use ssh_config (plus options like ProxyJump)
https://bugzilla.mindrot.org/show_bug.cgi?id=3163
Bug ID: 3163
Summary: teach ssh-keyscan to use ssh_config (plus options like
ProxyJump)
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component:
2019 Oct 09
3
[Bug 3080] New: Document IdentityFile=none and clarify interaction of defaults with IdentitiesOnly
https://bugzilla.mindrot.org/show_bug.cgi?id=3080
Bug ID: 3080
Summary: Document IdentityFile=none and clarify interaction of
defaults with IdentitiesOnly
Product: Portable OpenSSH
Version: 8.0p1
Hardware: Other
OS: All
Status: NEW
Severity: normal
Priority: P5
2023 Jun 21
2
[Bug 3582] New: Confusing error message when using ProxyJump
https://bugzilla.mindrot.org/show_bug.cgi?id=3582
Bug ID: 3582
Summary: Confusing error message when using ProxyJump
Product: Portable OpenSSH
Version: 9.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at
2024 Jan 14
2
ProxyJump may construct erroneous ProxyCommand
On Sat, 13 Jan 2024, Rob Leslie wrote:
> Hello,
>
> On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this:
>
> login -pfq $USER /usr/bin/ssh $HOST
>
> Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?.
>
> If $HOST has a ProxyJump configuration, the resulting ProxyCommand is:
>
> -ssh -W '[%h]:%p'
2019 Aug 14
10
[Bug 3057] New: Fork-bomb when misconfiguring a host to ProxyJump onto itself
https://bugzilla.mindrot.org/show_bug.cgi?id=3057
Bug ID: 3057
Summary: Fork-bomb when misconfiguring a host to ProxyJump onto
itself
Product: Portable OpenSSH
Version: 7.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
2002 Oct 03
0
[Bug 410] New: when -i or IdentityFile is specified, agent keys are still tried first
http://bugzilla.mindrot.org/show_bug.cgi?id=410
Summary: when -i or IdentityFile is specified, agent keys are
still tried first
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: minor
Priority: P2
Component: ssh-agent
AssignedTo:
2002 Oct 04
1
[Bug 410] when -i or IdentityFile is specified, agent keys are still tried first
http://bugzilla.mindrot.org/show_bug.cgi?id=410
------- Additional Comments From markus at openbsd.org 2002-10-04 17:34 -------
it's not documented that -i or IdentityFile overwrite
the agent and it's to late to even consider this change.
if you don't want to use the agent, unset SSH_AUTH_SOCK
------- You are receiving this mail because: -------
You are the assignee for the
2016 Aug 12
4
ProxyJump in 7.3, depending on location
Hi,
I'm very grateful for the new ProxyJump option. It helps tremendously!
One small question I'd like to ask, though: Is there a way to skip
one (mostly the first) jump host if the machine is in some specific
network?
For example, from home, I (resp. a shell script) need to jump to the
office's server, a customers' login host, and then to the destination
node; from the
2024 Mar 13
0
ProxyJump does not accept IPv6 for the intermediate host?
On Wed, 2024-03-13 at 11:41 +0000, Job Snijders wrote:
> On Wed, Mar 13, 2024 at 12:19:24PM +0100, Adam Kalisz wrote:
> > it seems I cannot use:
> >
> > $ ssh -J root at 2a01:4f8:1c1e:528d::1 root at west-coast
> > Invalid -J argument
>
> Try this:
>
> ??? $ ssh -J root@[2a01:4f8:1c1e:528d::1] root at west-coast
Thank you all for helping with the syntax.
2017 May 31
1
[PATCH 0/1] Process the IdentityFile option from the included files
Hello,
This change is to get the IdentityFile option processed
from the included configuration files.
Regards,
Oleg
Oleg Zhurakivskyy (1):
Process the IdentityFile option from the included files
readconf.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
--
2.9.3
2023 Nov 12
1
Match Principal enhancement
Hi OpenSSH devs,
I?m wondering if the following has any merit and can be done securely ...
If you could match on principals in the sshd_config, then (for example) on a gateway machine, you could have something like
/etc/ssh/authorized_keys/sshfwd:
cert-authority,principals=?batcha-fwd,batchb-fwd? ...
/etc/ssh/sshd_config containing:
Match User sshfwd
PubkeyAuthentication yes
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
Hi all,
I noticed a bit of an odd issue with maintaining `known_hosts` when the
target machine is behind a bastion using `ProxyJump` or `ProxyCommand`
with host key clashes.
Client for me right now is OpenSSH_9.3p1 on Gentoo Linux/AMD64. I'm a
member of a team, and most of us use Ubuntu (yes, I'm a rebel). Another
team who actually maintain this fleet often access the same machines
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On 18/8/23 18:37, Jochen Bern wrote:
> On 18.08.23 07:39, Darren Tucker wrote:
>> On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com>
>> wrote:
>> [...]
>>> The crux of this is that we cannot assume the local IPv4 address is
>>> unique, since it's not (and in many cases, not even static).
>>
>> If the IP address is
2023 Nov 12
1
Match Principal enhancement
AFAIK everything you described here could be done using the
AuthorizedKeysCommand or AuthorizedPrincipalsCommand directives. These
can emit authorized_keys options (inc. permitopen) as well as the allowed
keys/principals.
On Sun, 12 Nov 2023, Bret Giddings wrote:
> Hi OpenSSH devs,
>
> I?m wondering if the following has any merit and can be done securely ...
>
> If you could
2011 May 02
12
[Bug 1898] New: possible unreasonable behaviour when using ProxyCommand with multiple IdentityFile(s)
https://bugzilla.mindrot.org/show_bug.cgi?id=1898
Summary: possible unreasonable behaviour when using
ProxyCommand with multiple IdentityFile(s)
Product: Portable OpenSSH
Version: 5.8p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
2024 Jan 14
2
ProxyJump may construct erroneous ProxyCommand
Hello,
On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this:
login -pfq $USER /usr/bin/ssh $HOST
Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?.
If $HOST has a ProxyJump configuration, the resulting ProxyCommand is:
-ssh -W '[%h]:%p' $JUMP_HOST
Because of the leading hyphen, this fails to execute. If the user?s shell is zsh, the
2024 Mar 13
2
ProxyJump does not accept IPv6 for the intermediate host?
Hello,
it seems I cannot use:
$ ssh -J root at 2a01:4f8:1c1e:528d::1 root at west-coast
Invalid -J argument
(The west-coast is stored on the jump host in between in /etc/hosts.)
$ ssh -J root at 167.235.141.44 root at west-coast
Works as expected. Also
$ ssh root at 2a01:4f8:1c1e:528d::1
does work as expected. I do have native IPv6.
This is on Debian 12 Bookworm:
$ ssh -V
OpenSSH_9.2p1
2024 Aug 30
0
ProxyJump: Connection reset by peer
Hi, I'm using ProxyJump via a local sshd (in a separate network namespace) to
connect to a remote host. It works fine the first time, but if I connect
several times in a row in a short period of time, I suddenly get a "Connection
reset by peer" error. This happens to be reproducible. If I wait a few seconds
(let's say 15 seconds), the connection is restored.
I have tried to