[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to configure my bastion ?

From: Stéphane Senesi
Subject: Re: How to configure my bastion ?
Date: Fri, 04 May 2012 10:24:09 +0200
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20100901 Mandriva/3.0.6-0.1mdv2010.1 (2010.1) Thunderbird/3.0.6


Thanks for your support . Answers in the text :

Michael Albinus wrote, On 02/05/2012 14:55:
Stéphane Senesi<address@hidden>  writes:

Dear all,
Hi Stéphane,

first of all: Which Emacs and Tramp versions are you running?

GNU Emacs 23.1.1 and tramp-version 2.2.3

My gentle network administrator provided me with bastion that can work
in two ways :
     1- either by typing "ssh -l my_account bastion", in which case I
am provided with a menu for choosing among a limited list of hosts.
After the choice, I am directly prompted with the password on the
chosen remote host
     2- or by typing "ssh -l my_account bastion remote_host", in which
case I am directly prompted with the password on that host

   - then trying case 1, I tried to customize the
'tramp-actions-before-shell to process the sequence where I am
prompted with a menu, but quickly realized that
tramp-actions-before-shell do address the prompting which occur after
password prompting.
Not only. Show the menu you are prompted with; maybe we could construct
a proper action.

Here it is :

>  ssh -l my_bastion_user  bastion
| ID | Site
|  0 | address@hidden
|  1 | address@hidden
|  2 | address@hidden
|  3 | address@hidden
|  4 | address@hidden
|  5 | address@hidden
Connect to:

     - again with case 2, I also tried to configure my ~/.ssh/config
file to provide for the bastion a "User:" field which is a combined
string including both "my_account bastion" and "remote_host" (because
this is what works on the interactive ssh ), but ssh client then
either considers that my config file is garbled (if I put double
quotes around both strings) or take the whole string as the user name
on the bastion (which of course won't work)
For this case (and the one without configuring ~/.ssh/config) I would
like to see the Tramp debug buffer, after setting tramp-verbose to 6.

The case without using the .ssh/config , so trying to access '/ssh:address@hidden:' shows as case 2a in the attached files. I had to interrupt by Ctrl-G.

For case 2b (see similar files attached) I tried to contact /ssh:vu: and have the following lines in my .ssh/config file :
Host vu
     Hostname mybastion
     User "my_bastion_user   address@hidden"
Then , I am requested with a password for 'my_bastion_user address@hidden@bastion' (namely by: 'stephane.senesi's password: ' ), which is consistent with the content of the config line, but inadequate

For case 2c (see similar files attached) I tried to contact /ssh:uwab: and have the following lines in my .ssh/config file :
Host uwab
     Hostname mybastion
     User my_bastion_user

So, its just the same as case 2a but using the config file. The tramp-buffer shows the menu I am prompted with. If we could have tramp provide an answer (which could depend on the hostname used, e.g. uwab, gwab, vwab ...), the next phase would the prompting for the password on the remote host (which handling is built-in, AFAIU ?)



Thanks for any help

Here follows my code for method "wab"

Best regards
Best regards, Michael.

Stéphane Sénési
Ingénieur - équipe Assemblage du Système Terre
Centre National de Recherches Météorologiques
Groupe de Météorologie à Grande Echelle et Climat

42 Av Coriolis
F-31057 Toulouse Cedex 1

+ (Fax :....9610)

Attachment: debug-buffer-case-2a
Description: Binary data

Attachment: tramp-buffer-case-2a
Description: Text document

Attachment: debug-buffer-case-2b
Description: Binary data

Attachment: tramp-buffer-case-2b
Description: Text document

Attachment: debug-buffer-case-2c
Description: Binary data

Attachment: tramp-buffer-case-2c
Description: Text document

reply via email to

[Prev in Thread] Current Thread [Next in Thread]