Missing items : Emacs - version is 24.3.1 Tramp version is 2.2.5 S ----- Mail original -----
| De: "SENESI Stéphane" <[email protected]> | À: [email protected] | Envoyé: Vendredi 3 Octobre 2014 11:05:50 | Objet: Using a 'bastion' - issue when providing password | Dear Tramp users, and very dear Tramp guru | I love Tramp, and have used it for long. | The team in charge of network security issues at my office recently set up a | bastion ( http://wallix.com/en/produits-2/wallix-adminbastion-en ). I must | use it, from inside my office network, for connecting to a remote host. | Outside of Emacs, I can issue this command : | ssh -t bel [email protected] | which actually, : | - logs me in the bastion using my ssh key (because 'bel' here refers to an | entry in my ~/.ssh/config file which tells which is the bastion hostname, | and which account should be used there) | - as far as I understand, let the bastion analyze the last arg ( | [email protected] ) and inits a ssh connection to the target host | - prompts me with my password on the remote host | - and successfully opens the ssh session | What I cannot do is to log in with the bastion and then issue a ssh command | for loging in with the remote host. I can only either provide the account | and remote host as shown above, or provide no argument, but log in with the | bastion and then type in a digit for selecting a remote account in a list | (which instructs the basion to open the relevant ssh connection). So, I | cannot use a multi-hop method, and I devised a ssh-based method for issuing | the command quoted above, this way : | (add-to-list 'tramp-methods '("bc" (tramp-login-program "ssh") | (tramp-login-args ( ("-t" "bel") ("%u@%h") )) (tramp-async-args (("-q"))) | (tramp-remote-shell "/bin/sh") (tramp-remote-shell-args ("-c")) | (tramp-gw-args (("-o" "GlobalKnownHostsFile=/dev/null") ("-o" | "UserKnownHostsFile=/dev/null") ("-o" "StrictHostKeyChecking=no"))) | (tramp-default-port 22))) | (I actually hacked a bit function tramp-compute-multi-hops in tramp-sh.el in | order to allow that " %u@%h" as the same role as "%h" and so does not raise | any error w.r.t. to the test commented that way : "In case the host name is | not used for the remote shell command, the user could be misguided by | applying a random hostname") | However, this does not work with Tramp, which gets hanged. Maybe more | significant is the fact that actually, the same command does not work either | under any shell buffer or telnet buffer in Emacs. The symptom is : once | prompted for the password, and after having carefully typed it in, I get the | answer "Can't etablished SSH Session: Authentification by password failed." | (The attached tramp debug buffer content is less explicit on the issue ) . | The wording of the answer indicates that it is issued by the bastion (and | not by the remote host) | I wonder wether the issue is that : | - either some general mechanics in Emacs do add some unwanted character to my | password typing before delivering ot to the bastion | - or the bastion really does not like to talk with Emacs, for some reason | which I do not know, but which may have to do with environment settings ? | Any help would be welcome | Regards | -- | ----- Météo-France ----- | SENESI STEPHANE | CNRM/GMGEC/ASTER | [email protected] | Fixe : +33 561079931 | _______________________________________________ | Tramp-devel mailing list | [email protected] | https://lists.gnu.org/mailman/listinfo/tramp-devel -- ----- Météo-France ----- SENESI STEPHANE CNRM/GMGEC/ASTER [email protected] Fixe : +33 561079931
_______________________________________________ Tramp-devel mailing list [email protected] https://lists.gnu.org/mailman/listinfo/tramp-devel
