Join Log in
Score:0
secf00tprint avatar Server

Multi Hop SSHing using RequestTTY Method

id flag
secf00tprint

I tried to map the following multi hop using a ssh configuration file:

ssh -tt -l jumphost 192.168.1.5 ssh -tt -l jumphost 192.168.2.111 ssh -tt -l inside_server 192.168.3.50

without using one of the following commands as a config:

ssh -oProxyCommand="ssh -q -oProxyCommand=\"ssh -q jumphost@192.168.1.5 nc -q0 192.168.2.111 22\" jumphost@192.168.2.111 nc -q0 192.168.3.50 22" inside_server@192.168.3.50
ssh -oProxyCommand="ssh -W %h:%p -oProxyCommand=\"ssh -W %%h:%%p jumphost@192.168.1.5\" jumphost@192.168.2.111" inside_server@192.168.3.50
ssh -J jumphost@192.168.1.5,jumphost@192.168.2.111 inside_server@192.168.3.50

Using the following ssh config

cat ~/.ssh/config
Host jump
   RequestTTY force
   Hostname 192.168.1.5
   User jumphost

Host inside_gateway
   ProxyCommand ssh jump
   RequestTTY force
   Hostname 192.168.2.111
   User jumphost

Host inside_inside_server
   ProxyCommand ssh inside_gateway
   RequestTTY force
   Hostname 192.168.3.50
   User inside_server

I get a first login but after that it fails:

ssh inside_inside_server -vvv
OpenSSH_8.9 ... OpenSSL 3.0 ...
... 
jumphost@192.168.1.5's password:
Bad packet length 21...
ssh_dispatch_run_fatal: Connection to UNKNOWN port 65535: message authentication code    
incorrect
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535

What's the problem here?

253
1 + 0
ssh
Score:0
avatar Server
pt flag
larsks

You should be using ProxyJump instead of ProxyCommand. If you goal is to simplify this command line:

ssh -tt -l jumphost 192.168.1.5 \
  ssh -tt -l jumphost 192.168.2.111 \
  ssh -tt -l inside_server 192.168.3.50

You would want a configuration something like this:

Host jump
  Hostname 192.168.1.5
  User jumphost

Host inside_gateway 
  Hostname 192.168.2.111
  ProxyJump jump
  User jumphost

Host inside_inside_server
  Hostname 192.168.3.50
  ProxyJump inside_gateway
  User inside_server

When you run ssh inside_inside_server, this will:

  1. Establish a connection from your local host to jump
  2. Overlay on connection 1 a connection from your local host to inside_gateway
  3. Overlay on connection 2 a connection from your local host to inside_inside_server
+ 1
secf00tprint avatar
id flag
secf00tprint
Thank you for the answer. With `ProxyJump` it would be like: `ssh -J jumphost@192.168.1.5,jumphost@192.168.2.111 inside_server@192.168.3.50`. Isn't there a possibilty to do it like `ssh -tt -l jumphost 192.168.1.5 ssh -tt -l jumphost 192.168.2.111 ssh -tt -l inside_server 192.168.3.50` in the `ssh_config`? My goal is to understand how far `ssh` as called from the terminal can be mapped to `ssh_config` at this point.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.