Secure Shell
Multi Hopping by sshserver proxy with different keys Sep 23 2010 03:08PM
Nicolas Ferragu (nicolas ferragu laposte fr) (3 replies)
Re: Multi Hopping by sshserver proxy with different keys Sep 25 2010 10:34AM
Igor Bukanov (igor mir2 org) (2 replies)
Multi Hopping by sshserver proxy with different keys Sep 27 2010 09:01AM
Nicolas Ferragu (nicolas ferragu laposte fr)
Re: Multi Hopping by sshserver proxy with different keys Sep 27 2010 08:22AM
Nicolas Ferragu (nicolas ferragu laposte fr) (1 replies)
Re: Multi Hopping by sshserver proxy with different keys Sep 27 2010 07:13PM
Igor Bukanov (igor mir2 org)
Re: Multi Hopping by sshserver proxy with different keys Sep 23 2010 05:26PM
Stephen Dowdy (sdowdy ucar edu) (1 replies)
Re: Multi Hopping by sshserver proxy with different keys Sep 24 2010 10:00AM
Nicolas Ferragu (nicolas ferragu laposte fr)
RE: Multi Hopping by sshserver proxy with different keys Sep 23 2010 04:26PM
Joachim Thuau (Joachim Thuau heavy-iron com) (1 replies)
Re: Multi Hopping by sshserver proxy with different keys Sep 24 2010 07:42AM
Nicolas Ferragu (nicolas ferragu laposte fr)
Joachim,

Thanks for sharing.
That works but don't rocks; not the way I want :

1 - I need a fully autonomous procedure to connect to any target.
In your solution, I have to start each time a special connection which
I can't automate correctly within Putty localproxy command (teletype
screen issues) or within a pre-connection local command.

2 - The most important : the client Haven't Any Key to Target. It's the
bastion/gateway/jumper who Have keys.
In your solution, I don't know How to tell target to verify bastion's
key...

And of course I don't want an ssh in ssh like : ssh bastion ssh target
... even if that's doing what I want elsewhere the Microsoft land.

Here is a schematic view of my needs :

Windows Linux Linux
| | |
Putty OpenSSH_5.6p1 Openssh any version
| | |
Client ----------> Bastion ----------> Target
\_________________/ \________________/
Client's Key bastion's key
(Pagent) (ssh-agent)

Fyi : I've setted the environment file to get my ssh-agent acting in the
2nd connection (from B to T).

Thanks
Nicolas

-------- Message original --------
Sujet: Re: Multi Hopping by sshserver proxy with different keys
De : Joachim Thuau <Joachim.Thuau (at) heavy-iron (dot) com [email concealed]>
Pour : secureshell (at) securityfocus (dot) com [email concealed] <secureshell (at) securityfocus (dot) com [email concealed]>
Date : 23/09/2010 18:26

> Your could do this with the following:
> * ssh to bastion using your keys, and include a port forward from localhost to target
> * ssh to forwarded port on localhost using target key.
>
> Note that if this is for automation of tasks, you may need to keep the first connection going while starting the second.

Once the second connection is going, the first one will not close fully
until the tunnel is no longer in use.
>
> Thanks,
> Jok
>

Post-scriptum La Poste

Ce message est confidentiel. Sous reserve de tout accord conclu par
ecrit entre vous et La Poste, son contenu ne represente en aucun cas un
engagement de la part de La Poste. Toute publication, utilisation ou
diffusion, meme partielle, doit etre autorisee prealablement. Si vous
n'etes pas destinataire de ce message, merci d'en avertir immediatement
l'expediteur.

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus