[ale] SSH Tunnel and Agent Question
Richard Bronosky
Richard at Bronosky.com
Fri Sep 18 17:03:15 EDT 2009
Try using ControlMaster with ssh. See if the ControlMaster socket for
the tunnel is labeled as host_4. If so, you could then use rsync
host_4:/file ./ and the existing connection should be used
automatically.
On 9/18/09, brian at polibyte.com <brian at polibyte.com> wrote:
> I'm logged in to a server, host_1, with a private ip address that cannot
> reach the internet. host_1 can reach host_2, which can then reach the
> internet.
>
> I want to pull some files from host_4. The only way to reach host_4 is
> via a "bastion" server, host_3. host_1 can't connect to host_3, but
> host_2 can.
>
> host_2, host_3, and host_4 are all running sshd. My user on host_1 has
> an ssh key that allows login to host_2, host_3, and host_4.
>
> After some experimentation, I found that the following rsync line works.
>
> rsync -ave "ssh -A host_2 ssh -A host_3 ssh" host_4:/remote/files/
> /local/files
>
> I was curious if I could do the same things with an ssh tunnel. I set
> one up with
>
> ssh -fNA -o ProxyCommand='ssh host_2 nc %h %p' -L 2222:host_4:22 host_3
>
> I know the tunnel works, because I can do
>
> ssh -vp 2222 localhost
>
> and I'll be logged in to host_4. The end of the ssh debug messages say
>
> debug1: Next authentication method: publickey
> debug1: Offering public key:
> debug1: Server accepts key: *snip*
> debug1: Authentication succeeded (publickey).
>
> However, when I try to use rsync over the tunnel
>
> rsync -e "ssh -vp 2222" localhost:/remote/files/ /local/files
>
> It doesn't work and the end of the ssh debug messages say.
>
> debug1: Next authentication method: publickey
> debug1: Offering public key:
> debug1: Authentications that can continue: publickey,gssapi-with-mic
> debug1: Offering public key:
> debug1: Authentications that can continue: publickey,gssapi-with-mic
> debug1: Trying private key: /root/.ssh/identity
> debug1: Trying private key: /root/.ssh/id_rsa
> debug1: Trying private key: /root/.ssh/id_dsa
> debug1: No more authentication methods to try.
> Permission denied (publickey,gssapi-with-mic).
>
> Why does rsync over the tunnel fail when ssh worked?
>
> All the best,
> Brian
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
--
Sent from my mobile device
.!# RichardBronosky #!.
More information about the Ale
mailing list