On Jan 20, 2008, at 17:09, Flavien Lebarbe wrote:

> Richard Mitchell ecrivait :
>> Would it be possible to add a debug option that displays each host
>> name as it connects to them?
>>
>> I create tunnels that sometimes uses 3 intermediate machines before
>> getting to the final destinations (I'm sure others create tunnels
>> that
>> are much deeper). To debug a problem, it would be helpful to see
>> each
>> connection being made.

>
>
> If I establish a tunnel :
> $ ssh -R 3000:host2:2222 host1 sleep 2000
>
> And then in another terminal:
> $ ssh -p 3000 host1
>
> The second ssh process has no idea that the connection it is making
> to host1 is forwarded to host2. It talks through a socket with host1,
> and that's it. It happens that the "active" end is not on host1 but
> that host1 accepts the connection, connects to host2, and then
> forwards data to host2, (the sshd-child initiaded by the first ssh
> command does that). There is no way for the second ssh process to
> know about it. So it looks to me that what you're asking for is not
> possible.
>
> Regards,
>
> Flavien.


Hmmm, yes, I guess you are right.

I just issue a single command, like: ssh hostD
and all of the intermediate steps just happen. I'm using a script,
netcat-proxy:

#!/bin/sh
# $Id: netcat-proxy,v 1.2 2006/05/05 00:21:28 mitchell Exp $
bouncehost=$1
target=$2
port=22

if [ "$3" != "" ]; then
port=$3;
fi

# echo "bouncehost: " $bouncehost
# echo "target : " $target
# echo "port : " $port

ssh $bouncehost nc -w 1 $target $port


and then in my config file have:
ProxyCommand ~/bin/netcat-proxy hostC %h


Giving the illusion that a single ssh command has been issued. And I
guess having an option for each ssh to display its endpoints wouldn't
work either. Where my ssh hostD would return generate something like:
hostA to hostB
hostB to hostC
hostC to hostD
%

where each line is being generated from each individual ssh.

Richard Mitchell


_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev