Secure Shell
Multi Hopping by sshserver proxy with different keys Sep 23 2010 03:08PM
Nicolas Ferragu (nicolas ferragu laposte fr) (3 replies)
Re: Multi Hopping by sshserver proxy with different keys Sep 25 2010 10:34AM
Igor Bukanov (igor mir2 org) (2 replies)
Multi Hopping by sshserver proxy with different keys Sep 27 2010 09:01AM
Nicolas Ferragu (nicolas ferragu laposte fr)
Hi all,

Once again, this is my problem : logging to target by key exchanges
through an ssh gateway (bastion) with different identities. The target's
identity is kept on the bastion not the local box.

Windows Linux Linux
| | |
Putty OpenSSH_5.6p1 Openssh any version
| | |
Client ----------> Bastion ----------> Target
\_________________/ \________________/
Client's Key bastion's key
(Pagent) (ssh-agent)

I can do proxycommand but can't get key exchange to work because the
proxycommand is based on a netcat raw connection - which can't do key
exchange as far I know !

Here is my putty proxycommands I tried without success since it's a
final password prompt instead of the kex bastion/target :
plink.exe -a %user@%proxyhost "ssh -a -t -W %host:%port localhost"\n
or
plink.exe -t -a %user@%proxyhost -nc <target_ip_address>:22 \n
(/!\ note the putty's "-nc" included command doesn't resolve names to ip
...)

I've also tried successfully for the authentication ut unsuccessfully
for the usability (raw terminal mode without vi, or control characters) :
plink.exe -t %user@%proxyhost -agent "ssh -p %port -l %user %host"\n

Thanks for your interest,
NF

Post-scriptum La Poste

Ce message est confidentiel. Sous reserve de tout accord conclu par
ecrit entre vous et La Poste, son contenu ne represente en aucun cas un
engagement de la part de La Poste. Toute publication, utilisation ou
diffusion, meme partielle, doit etre autorisee prealablement. Si vous
n'etes pas destinataire de ce message, merci d'en avertir immediatement
l'expediteur.

[ reply ]
Re: Multi Hopping by sshserver proxy with different keys Sep 27 2010 08:22AM
Nicolas Ferragu (nicolas ferragu laposte fr) (1 replies)
Re: Multi Hopping by sshserver proxy with different keys Sep 27 2010 07:13PM
Igor Bukanov (igor mir2 org)
Re: Multi Hopping by sshserver proxy with different keys Sep 23 2010 05:26PM
Stephen Dowdy (sdowdy ucar edu) (1 replies)
Re: Multi Hopping by sshserver proxy with different keys Sep 24 2010 10:00AM
Nicolas Ferragu (nicolas ferragu laposte fr)
RE: Multi Hopping by sshserver proxy with different keys Sep 23 2010 04:26PM
Joachim Thuau (Joachim Thuau heavy-iron com) (1 replies)
Re: Multi Hopping by sshserver proxy with different keys Sep 24 2010 07:42AM
Nicolas Ferragu (nicolas ferragu laposte fr)


 

Privacy Statement
Copyright 2010, SecurityFocus