similar to: [Bug 3541] New: remote-to-remote case doesn't look at sshport

https://bugzilla.mindrot.org/show_bug.cgi?id=3653 Bug ID: 3653 Summary: ConnectTimeout causes issue when connecting to an host via tsocks Product: Portable OpenSSH Version: 9.6p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh

I am trying to run ssh to a server continuously and quickly. Out of about 10-12 times of good run or result, once the client gets stuck. It does not connect. This we are observing after upgrading both the server and client to OpenSSL 9.6p1. We are running this cmd on the client side: ssh -vvv -p 1022 -o UserKnownHostsFile=/dev/null -o GSSAPIAuthentication=no -o StrictHostKeyChecking=no -o

Perfect, thanks. This winds up working for me (as far as I've tested so far.) Match exec "ping -q -c 1 -t 1 %n | grep '192\.168\.'" StrictHostKeyChecking no UserKnownHostsFile none On Wed, Aug 26, 2015 at 11:47 PM, Bostjan Skufca <bostjan at a2o.si> wrote: > (+cc list) > > You could use something in the following manner: > > Match originalhost *

Hello all. I wrote this small patch that allows having multiple tags on a configuration block in the openssh client configuration. For instance, with this configuration: > Host test-host > Tag change-hostname change-port-and-user > Tag jump-to-mybox > > Match tagged change-hostname > Hostname new-hostname > > Match tagged change-port-and-user > Port 12345 >

Trying to get SSH agent forwarding working for a popular open source configuration management system called Ansible. I?ve had some unexpected behaviour, the only cause of which I can find is how I express the command line arguments. http://stackoverflow.com/questions/20952689/vagrant-ssh-agent-forwarding-how-is-it-working?noredirect=1#comment31511341_20952689 In summarise: In the first

On Wed, 15 May 2019 at 23:14, Samiya Khanum <samiya.khanum at broadcom.com> wrote: > Hi Darren, > Thanks for quick response. > Even with openSSH8.0 version, it is not supported? 8.0p1 should work although I have not tested that specific OpenSSL version. Between 7.9p1 and 8.0p1 I had it working against what was OpenSSL head at the time. -- Darren Tucker (dtucker at dtucker.net)

Hello there, I'm a little afraid of writing here, hope I don't make any mistake doing so. I'm trying for days and searching the web too, but no obvious solution, no reply from the specialized forum I wrote in. Here is the situation: I would like to have a lighter security inside our domain, without changing when going outside. By "lighter security" I mean at least, no

On Fri, Aug 28, 2015 at 11:51 PM, Walter Carlson <wlcrls47 at gmail.com> wrote: > On Thu, Aug 27, 2015 at 12:26 AM, Walter Carlson <wlcrls47 at gmail.com> wrote: > >> Perfect, thanks. This winds up working for me (as far as I've tested so >> far.) >> >> Match exec "ping -q -c 1 -t 1 %n | grep '192\.168\.'" >>

https://bugzilla.mindrot.org/show_bug.cgi?id=2525 Bug ID: 2525 Summary: Please add an alias such as -o Insecure for -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no Product: Portable OpenSSH Version: 6.7p1 Hardware: amd64 OS: Linux Status: NEW Severity:

https://bugzilla.mindrot.org/show_bug.cgi?id=1654 --- Comment #4 from Vincent Fortier <vincent.fortier at canada.ca> --- If I can add, I just came accross a clear case where this feature is lacking for me which forces me to redirect to /dev/null: I need to access multiple hosts from various management networks accross multiple locations. Management IP are often the same at every location

On 18/8/23 18:37, Jochen Bern wrote: > On 18.08.23 07:39, Darren Tucker wrote: >> On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com> >> wrote: >> [...] >>> The crux of this is that we cannot assume the local IPv4 address is >>> unique, since it's not (and in many cases, not even static). >> >> If the IP address is

Hi Damien/all, Since github etc use a potentially large number of IP addresses (albeit with a small number of keys), I'd like more granular oversight over their entries in my known_hosts. Eg, here is a simplified stanza from my current ssh config: Host github gitlab User git Hostname %h.com UserKnownHostsFile ~/.ssh/known_hosts.d/git There doesn't seem to be a good way to filter only

> The point is that the original escaping DOUBLE escapes an equals sign: > foo\\\=bar > It shouldn't, there's no reason to. If you paste into your command line: rsync -e ssh\ -l\ backup\ -i\ /etc/synco/id_rsa\ -o\ ConnectTimeout\\\=60\ -o\ BatchMode\\\=yes The list of arguments would be (i.e. the values in ARGV): ['rsync', '-e', 'ssh -l backup -i

https://bugzilla.mindrot.org/show_bug.cgi?id=3221 Bug ID: 3221 Summary: hostkey preference ordering is broken in some situations Product: Portable OpenSSH Version: 8.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh

Attached (and inline) is a patch to add the following config options: ControlBindMask ControlAllowUsers ControlAllowGroups ControlDenyUsers ControlDenyGroups It pulls the peer credential check from client_process_control() in ssh.c, and expounds upon it in a new function, client_control_grant(). Supplemental groups are not checked in this patch. I didn't feel comfortable taking a shot

If I want to specify for LAN addresses that I don't want to deal with host keys, how do I do that? Understanding the risks, knowing almost everyone will say not to do this - it's a horrible idea, but deciding I want to do it anyway. Tired of having to remove entries from known_hosts with the multiple VM's I have that often change fingerprints, and am willing to live with the risks.

http://bugzilla.mindrot.org/show_bug.cgi?id=656 Summary: ConnectTimeout option broken Product: Portable OpenSSH Version: 3.7.1p1 Platform: All URL: http://charts.free.fr OS/Version: All Status: NEW Severity: major Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org

Guys, I wonder if anyone can give me any pointers here, I hope it's CentOS related enough not to be too off topic, if it is then apologies. I'm attempting to setup a CGI which can connect to a remote system and execute a command. On the 'client', for the Apache user 'apache' I've given it a shell and generated a key-pair. I've configured Keychain [

Dear OpenSSH developers, Do you find it a good idea if variable substitution is implemented in UserKnownHostsFile the same way it is done for IdentityFile? In ssh_config I would like to write something like UserKnownHostsFile ~/keys/%r/known_hosts Thanks! -- With best regards, Dmitry

On 2016-10-20 10:24, Samuel Williams wrote: > Hello, > > I'm using Ruby's Shellwords module, which generates a string from an > array, suitable for shell evaluation. > > Ruby's implementation prefers escaping whitespace with a backslash > rather than quotes. However, this appears to cause some kind of issue > in Rsync when it computes argv from -e option. The