Displaying 20 results from an estimated 8000 matches similar to: "[Feature Request] mention hostname on -v"
2023 Sep 12
1
[Feature Request] mention hostname on -v
>> I've got a usecase right now where I've got to use a few
>> intermediate ProxyJump hosts, and it would help debugging
>> via -v tremendously if the debug lines would have a prefix
>> of the originating host, so that they can be easily associated.
>>
>> The FQDN might be too long, though -- perhaps just the PID
>> with an additional line
2023 Sep 12
1
[Feature Request] mention hostname on -v
On Mon, 11 Sep 2023, Philipp Marek wrote:
> I've got a usecase right now where I've got to use a few
> intermediate ProxyJump hosts, and it would help debugging
> via -v tremendously if the debug lines would have a prefix
> of the originating host, so that they can be easily associated.
>
> The FQDN might be too long, though -- perhaps just the PID
> with an
2023 Sep 12
1
[Feature Request] mention hostname on -v
Hi,
On 12/09/2023 07:43, Philipp Marek wrote:
>>> I've got a usecase right now where I've got to use a few
>>> intermediate ProxyJump hosts, and it would help debugging
>>> via -v tremendously if the debug lines would have a prefix
>>> of the originating host, so that they can be easily associated.
>>>
>>> The FQDN might be too long,
2016 Aug 12
4
ProxyJump in 7.3, depending on location
Hi,
I'm very grateful for the new ProxyJump option. It helps tremendously!
One small question I'd like to ask, though: Is there a way to skip
one (mostly the first) jump host if the machine is in some specific
network?
For example, from home, I (resp. a shell script) need to jump to the
office's server, a customers' login host, and then to the destination
node; from the
2020 May 20
7
CanonicalHostname and ssh connections through a jumphost
raf wrote:
> Warlich, Christof wrote:
> > ...
> > I want to be able to ssh to all internal hosts that live in the internal.sub.domain.net,
> > i.e. that are only accessible through the internal.sub.domain.net jumphost without
> > having to list each of these hosts somewhere, as they may frequently be added or
> > removed from the internal domain and without being
2024 Jan 14
2
ProxyJump may construct erroneous ProxyCommand
On Sat, 13 Jan 2024, Rob Leslie wrote:
> Hello,
>
> On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this:
>
> login -pfq $USER /usr/bin/ssh $HOST
>
> Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?.
>
> If $HOST has a ProxyJump configuration, the resulting ProxyCommand is:
>
> -ssh -W '[%h]:%p'
2023 Aug 18
2
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On 18.08.23 07:39, Darren Tucker wrote:
> On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com> wrote:
> [...]
>> The crux of this is that we cannot assume the local IPv4 address is
>> unique, since it's not (and in many cases, not even static).
>
> If the IP address is not significant, you can tell ssh to not record
> them ("CheckHostIP
2020 Apr 17
2
Feature request: ProxyJump with Unix sockets
Dear developers,
The ProxyJump feature is nowadays implemented on the basis of a TCP port forwarding on the jumping host, isn't it?
As a result, this is affected by a AllowTcpForwarding=no configuration on the jumping host.
So, may I suggest a variant based on Unix sockets (such as -L or -R does).
Nice idea, isn't it?
Any volunteer to implement this?
Best regards
Christophe
2024 Jan 14
2
ProxyJump may construct erroneous ProxyCommand
Hello,
On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this:
login -pfq $USER /usr/bin/ssh $HOST
Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?.
If $HOST has a ProxyJump configuration, the resulting ProxyCommand is:
-ssh -W '[%h]:%p' $JUMP_HOST
Because of the leading hyphen, this fails to execute. If the user?s shell is zsh, the
2023 Nov 12
1
Match Principal enhancement
Hi OpenSSH devs,
I?m wondering if the following has any merit and can be done securely ...
If you could match on principals in the sshd_config, then (for example) on a gateway machine, you could have something like
/etc/ssh/authorized_keys/sshfwd:
cert-authority,principals=?batcha-fwd,batchb-fwd? ...
/etc/ssh/sshd_config containing:
Match User sshfwd
PubkeyAuthentication yes
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
Hi all,
I noticed a bit of an odd issue with maintaining `known_hosts` when the
target machine is behind a bastion using `ProxyJump` or `ProxyCommand`
with host key clashes.
Client for me right now is OpenSSH_9.3p1 on Gentoo Linux/AMD64. I'm a
member of a team, and most of us use Ubuntu (yes, I'm a rebel). Another
team who actually maintain this fleet often access the same machines
2019 Apr 07
2
ssh with proxyjump on windows 10
> ssh -v test
OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
debug1: Reading configuration data C:\\Users\\jsore/.ssh/config
debug1: C:\\Users\\jsore/.ssh/config line 11: Applying options for test
debug1: Setting implicit ProxyCommand from ProxyJump: ssh -v -W '[%h]:%p' apple
debug1: Executing proxy command: exec ssh -v -W '[test]:22' apple
CreateProcessW failed error:2
posix_spawn:
2023 Nov 12
1
Match Principal enhancement
AFAIK everything you described here could be done using the
AuthorizedKeysCommand or AuthorizedPrincipalsCommand directives. These
can emit authorized_keys options (inc. permitopen) as well as the allowed
keys/principals.
On Sun, 12 Nov 2023, Bret Giddings wrote:
> Hi OpenSSH devs,
>
> I?m wondering if the following has any merit and can be done securely ...
>
> If you could
2024 Oct 19
2
HOWTO (advanced) ssh transparent proxy jump
Hello OpenSSH team,
(New subscriber and very first message... by the way thanks for bringing
ssh to the wolrd).
I have a question, maybe not so simple.
_The question in short :
_
Context? :_
_
In a jump configuration HostA -> (HostB) -> HostC
The classical way to connect is :
usera at hosta $ *ssh -J userb at hostb userc at hostc*
And to make it "locally
2023 Jun 21
2
[Bug 3582] New: Confusing error message when using ProxyJump
https://bugzilla.mindrot.org/show_bug.cgi?id=3582
Bug ID: 3582
Summary: Confusing error message when using ProxyJump
Product: Portable OpenSSH
Version: 9.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at
2019 Aug 14
10
[Bug 3057] New: Fork-bomb when misconfiguring a host to ProxyJump onto itself
https://bugzilla.mindrot.org/show_bug.cgi?id=3057
Bug ID: 3057
Summary: Fork-bomb when misconfiguring a host to ProxyJump onto
itself
Product: Portable OpenSSH
Version: 7.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
2017 Dec 27
4
What is the ssh_config equivalent to this syntax involving multiple at signs
My company uses a certain product which forces me to use a jumphost / ssh proxy.
When connecting to a server I have to type "ssh myuser at technicaluser@targethost at jumphost" everytime. I tried to simplify this by editing my ssh_config and putting this into the file:
Host targethost
ProxyJump technicaluser at jumphost
These lines are recognized but don't work like intended
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com> wrote:
[...]
> The crux of this is that we cannot assume the local IPv4 address is
> unique, since it's not (and in many cases, not even static).
If the IP address is not significant, you can tell ssh to not record
them ("CheckHostIP no").
[...]
> Host mytarget
> Hostname 172.16.1.2
2024 Mar 13
2
ProxyJump does not accept IPv6 for the intermediate host?
Hello,
it seems I cannot use:
$ ssh -J root at 2a01:4f8:1c1e:528d::1 root at west-coast
Invalid -J argument
(The west-coast is stored on the jump host in between in /etc/hosts.)
$ ssh -J root at 167.235.141.44 root at west-coast
Works as expected. Also
$ ssh root at 2a01:4f8:1c1e:528d::1
does work as expected. I do have native IPv6.
This is on Debian 12 Bookworm:
$ ssh -V
OpenSSH_9.2p1
2020 Mar 26
4
TCP connect timeout with proxy
Dear openssh developers and users,
I'm new to the list, and my apologies if this question has been asked
before. I've tried to look for answers and haven't succeeded, which is
why I'm asking.
Here's the situation: I'm connect to a dual-stacked host with A and AAAA
records. The IPv6 connectivity to the host is broken.
When connecting to the host directly from my client