Displaying 20 results from an estimated 600 matches similar to: "ProxyJump may construct erroneous ProxyCommand"
2024 Jan 14
2
ProxyJump may construct erroneous ProxyCommand
On Sat, 13 Jan 2024, Rob Leslie wrote:
> Hello,
>
> On macOS, Terminal?s ?New Remote Connection?? command runs ssh in a new window like this:
>
> login -pfq $USER /usr/bin/ssh $HOST
>
> Here, login executes /usr/bin/ssh with argv[0] set to ?-ssh?.
>
> If $HOST has a ProxyJump configuration, the resulting ProxyCommand is:
>
> -ssh -W '[%h]:%p'
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com> wrote:
[...]
> The crux of this is that we cannot assume the local IPv4 address is
> unique, since it's not (and in many cases, not even static).
If the IP address is not significant, you can tell ssh to not record
them ("CheckHostIP no").
[...]
> Host mytarget
> Hostname 172.16.1.2
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On 18/8/23 15:39, Darren Tucker wrote:
>> Host mytarget
>> Hostname 172.16.1.2
>> ProxyJump user2 at bastion2
> I think you just need "HostKeyAlias mytarget" here.
Ahh, in my scanning through the `ssh_config` manpage, I missed this, and
change logs seem to indicate this feature has been around since at least
2017, so should not cause
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On 19/8/23 08:00, Stuart Longland VK4MSL wrote:
> Would the UserKnownHostsFile be relative to the current working
> directory of the `ssh` process at the time of its call, or would it
> figure out that these files are relative to
> /home/me/workplace/ops/eng-ssh/bigcust-config?
Nope? just tried it, at this time it's relative to whatever directory
you call `ssh` from.
Which if
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On Fri, 18 Aug 2023 at 17:18, Stuart Longland VK4MSL <me at vk4msl.com> wrote:
> On 18/8/23 15:39, Darren Tucker wrote:
[...]
> > I think you just need "HostKeyAlias mytarget" here.
>
> Ahh, in my scanning through the `ssh_config` manpage, I missed this, and
> change logs seem to indicate this feature has been around since at least
> 2017, so should not cause
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On 18/8/23 18:37, Jochen Bern wrote:
> On 18.08.23 07:39, Darren Tucker wrote:
>> On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com>
>> wrote:
>> [...]
>>> The crux of this is that we cannot assume the local IPv4 address is
>>> unique, since it's not (and in many cases, not even static).
>>
>> If the IP address is
2023 Aug 18
1
Host key verification (known_hosts) with ProxyJump/ProxyCommand
Hi all,
I noticed a bit of an odd issue with maintaining `known_hosts` when the
target machine is behind a bastion using `ProxyJump` or `ProxyCommand`
with host key clashes.
Client for me right now is OpenSSH_9.3p1 on Gentoo Linux/AMD64. I'm a
member of a team, and most of us use Ubuntu (yes, I'm a rebel). Another
team who actually maintain this fleet often access the same machines
2023 Aug 18
2
Host key verification (known_hosts) with ProxyJump/ProxyCommand
On 18.08.23 07:39, Darren Tucker wrote:
> On Fri, 18 Aug 2023 at 15:25, Stuart Longland VK4MSL <me at vk4msl.com> wrote:
> [...]
>> The crux of this is that we cannot assume the local IPv4 address is
>> unique, since it's not (and in many cases, not even static).
>
> If the IP address is not significant, you can tell ssh to not record
> them ("CheckHostIP
2012 Nov 20
1
Traduction d'un terme demandée
Bonjour,
On m'a demand? de trouver le terme fran?ais pour jump server ou jump host tel que d?fini dans cet article de Wikipedia : http://en.wikipedia.org/wiki/Jump_host.
Mille mercis pour votre aide,
<http://www.hydroquebec.com/images/hq_logo.gif>
<http://www.hydroquebec.com/images/pixel.gif> Marie Malo
Terminologue
Direction principale - Environnement et affaires
2023 Oct 10
17
[Bug 3627] New: openssh 9.4p1 does not see RSA keys in know_hosts file.
https://bugzilla.mindrot.org/show_bug.cgi?id=3627
Bug ID: 3627
Summary: openssh 9.4p1 does not see RSA keys in know_hosts
file.
Product: Portable OpenSSH
Version: 9.4p1
Hardware: SPARC
OS: Solaris
Status: NEW
Severity: major
Priority: P5
Component: ssh
2020 Apr 17
2
Feature request: ProxyJump with Unix sockets
Dear developers,
The ProxyJump feature is nowadays implemented on the basis of a TCP port forwarding on the jumping host, isn't it?
As a result, this is affected by a AllowTcpForwarding=no configuration on the jumping host.
So, may I suggest a variant based on Unix sockets (such as -L or -R does).
Nice idea, isn't it?
Any volunteer to implement this?
Best regards
Christophe
2016 Aug 12
4
ProxyJump in 7.3, depending on location
Hi,
I'm very grateful for the new ProxyJump option. It helps tremendously!
One small question I'd like to ask, though: Is there a way to skip
one (mostly the first) jump host if the machine is in some specific
network?
For example, from home, I (resp. a shell script) need to jump to the
office's server, a customers' login host, and then to the destination
node; from the
2017 Jul 12
3
[Bug 2744] New: ProxyJump causes "Killed by signal 1" to be printed in terminal.
https://bugzilla.mindrot.org/show_bug.cgi?id=2744
Bug ID: 2744
Summary: ProxyJump causes "Killed by signal 1" to be printed in
terminal.
Product: Portable OpenSSH
Version: 7.5p1
Hardware: Other
OS: Linux
Status: NEW
Severity: trivial
Priority: P5
Component:
2020 May 11
0
[Bug 3163] New: teach ssh-keyscan to use ssh_config (plus options like ProxyJump)
https://bugzilla.mindrot.org/show_bug.cgi?id=3163
Bug ID: 3163
Summary: teach ssh-keyscan to use ssh_config (plus options like
ProxyJump)
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component:
2023 Jun 21
2
[Bug 3582] New: Confusing error message when using ProxyJump
https://bugzilla.mindrot.org/show_bug.cgi?id=3582
Bug ID: 3582
Summary: Confusing error message when using ProxyJump
Product: Portable OpenSSH
Version: 9.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at
2020 Jun 24
2
[Bug 3186] New: ProxyJump should include IdentityFile when specified
https://bugzilla.mindrot.org/show_bug.cgi?id=3186
Bug ID: 3186
Summary: ProxyJump should include IdentityFile when specified
Product: Portable OpenSSH
Version: 8.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee:
2024 Mar 13
2
ProxyJump does not accept IPv6 for the intermediate host?
Hello,
it seems I cannot use:
$ ssh -J root at 2a01:4f8:1c1e:528d::1 root at west-coast
Invalid -J argument
(The west-coast is stored on the jump host in between in /etc/hosts.)
$ ssh -J root at 167.235.141.44 root at west-coast
Works as expected. Also
$ ssh root at 2a01:4f8:1c1e:528d::1
does work as expected. I do have native IPv6.
This is on Debian 12 Bookworm:
$ ssh -V
OpenSSH_9.2p1
2024 Mar 13
0
ProxyJump does not accept IPv6 for the intermediate host?
On Wed, 2024-03-13 at 11:41 +0000, Job Snijders wrote:
> On Wed, Mar 13, 2024 at 12:19:24PM +0100, Adam Kalisz wrote:
> > it seems I cannot use:
> >
> > $ ssh -J root at 2a01:4f8:1c1e:528d::1 root at west-coast
> > Invalid -J argument
>
> Try this:
>
> ??? $ ssh -J root@[2a01:4f8:1c1e:528d::1] root at west-coast
Thank you all for helping with the syntax.
2019 Apr 07
2
ssh with proxyjump on windows 10
> ssh -v test
OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
debug1: Reading configuration data C:\\Users\\jsore/.ssh/config
debug1: C:\\Users\\jsore/.ssh/config line 11: Applying options for test
debug1: Setting implicit ProxyCommand from ProxyJump: ssh -v -W '[%h]:%p' apple
debug1: Executing proxy command: exec ssh -v -W '[test]:22' apple
CreateProcessW failed error:2
posix_spawn:
2024 Aug 30
0
ProxyJump: Connection reset by peer
Hi, I'm using ProxyJump via a local sshd (in a separate network namespace) to
connect to a remote host. It works fine the first time, but if I connect
several times in a row in a short period of time, I suddenly get a "Connection
reset by peer" error. This happens to be reproducible. If I wait a few seconds
(let's say 15 seconds), the connection is restored.
I have tried to