COMP.SECURITY.SSH
openssh client behavior with default local config file vs using "ssh -F
From D Youatt @21:1/5 to All on Tue Mar 17 09:21:29 2020
I'm using openssh (client) on Ubuntu bionic.
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
and have a local ~/.ssh/config.other file with hosts defined to proxy through a bastion host. It looks like:

    # Copied from /etc/ssh/ssh_config
    Host *
        SendEnv LANG LC_*
        HashKnownHosts yes
        GSSAPIAuthentication yes
        UserKnownHostsFile ~/.ssh/my_known_hosts

    Host my.bastion my-aws1
        IdentityFile ~/.ssh/mypk
        Port 12345
        User auser
        # bastion host uses IP addr
        Hostname NN.MM.PP.QQ

    Host my.primary my-aws1-primary
        IdentityFile ~/.ssh/mypk
        Port 22
        User auser
        Hostname my.host.name
        ProxyCommand ssh -A -q my.bastion -W %h:%p

Both the bastion host and destination host are recent Amazon Linux default installations.
If the config file with the contents above is in ~/.ssh/config, and I just "ssh my.primary" it happily connects and logs in.
If the config file is ~/.ssh/config.other and I use "ssh -F ~/.ssh/config.other my.primary", it fails with

    bash> ssh -vvv -F ~/.ssh/config.support my.primary
    OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
    debug1: Reading configuration data /home/me/.ssh/config.support
    debug1: /home/me/.ssh/config.support line 1: Applying options for *
    debug1: /home/me/.ssh/config.support line 20: Applying options for my.primary
    debug1: Executing proxy command: exec ssh -A -q my.bastion -W my.host.name:22
    debug1: permanently_drop_suid: 1000
    debug1: identity file /home/me/.ssh/CrunchySupport type 0
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/me/.ssh/CrunchySupport-cert type -1
    debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
    ssh_exchange_identification: Connection closed by remote host

Why the difference using "ssh -F ~/.ssh/config.other ..."?
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)
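
The -vvv output in the post shows the proxy command being executed as "ssh -A -q my.bastion -W my.host.name:22", with no -F: the ssh started by ProxyCommand is a separate process and reads the default config files, not the file given to the outer ssh. The check below is an added example, not part of the original post; it flags such ProxyCommand lines and rewrites them to pass -F. The function names and the sample config are constructed for illustration.

```python
import re
import shlex

# Constructed sample that mirrors the post's config; values are placeholders.
SAMPLE = """\
Host my.bastion my-aws1
    Hostname NN.MM.PP.QQ
Host my.primary my-aws1-primary
    Hostname my.host.name
    ProxyCommand ssh -A -q my.bastion -W %h:%p
"""

# ssh_config syntax: keyword, then whitespace or a single '=', then the argument.
DIRECTIVE = re.compile(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*)")

def ssh_index(argv):
    """Index of the ssh program in a ProxyCommand argv, or None (skips 'exec')."""
    i = 1 if argv[:1] == ["exec"] else 0
    if i < len(argv) and argv[i].rsplit("/", 1)[-1] == "ssh":
        return i
    return None

def nested_ssh_without_F(config_text):
    """Return (lineno, host_patterns, command) for ProxyCommands running ssh without -F."""
    findings, hosts = [], ["*"]  # directives before any Host line apply to all hosts
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        m = DIRECTIVE.fullmatch(raw.strip())
        if not m:
            continue  # blank line or comment
        key, arg = m.group(1).lower(), m.group(2).strip()
        if key == "host":
            hosts = arg.split()
        elif key == "proxycommand":
            argv = shlex.split(arg)
            i = ssh_index(argv)
            if i is not None and not any(a.startswith("-F") for a in argv[i + 1:]):
                findings.append((lineno, hosts, arg))
    return findings

def with_config(command, config_path):
    """Rewrite a ProxyCommand so the nested ssh reads config_path as well."""
    argv = shlex.split(command)
    i = ssh_index(argv)
    if i is None:
        return command
    return shlex.join(argv[: i + 1] + ["-F", config_path] + argv[i + 1:])

if __name__ == "__main__":
    for lineno, hosts, cmd in nested_ssh_without_F(SAMPLE):
        print(f"line {lineno} ({' '.join(hosts)}): {with_config(cmd, '/home/me/.ssh/config.other')}")
```

Pass with_config an absolute path: shlex.join quotes a leading "~", and the shell that runs the ProxyCommand would then not expand it.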