Hi Kai Answers interspersed :
----- Mail original ----- | De: "Kai Großjohann" <[email protected]> | À: "SENESI Stéphane" <[email protected]> | Cc: "Michael Albinus" <[email protected]>, [email protected] | Envoyé: Mardi 7 Octobre 2014 21:56:39 | Objet: Re: Using a 'bastion' - issue when providing password | I'm hoping that it can be made to work somehow, just need to figure out | how. Get "ssh rt" working outside Emacs, then perhaps it works inside | Emacs, too. | You could try "ssh -vvv rt" for a start, that should show you a number | of debug messages. I did that. It does not work, either: - when the ProxyCommad includes option '-t' : it ends with "Pseudo-terminal will not be allocated because stdin is not a terminal." - when it does not : just hanging | You could try to change the ProxyCommand to add "-vvv" to the ssh | command in there. | You could compare whatever you get from "ssh rt" with what you get when | you type the proxy command manually (use the same "-vvv" in both cases). I rather compared the outputs of "ssh -vvv" in two cases , on labeled 'working-case' in attachments where the command is issued outside of Emacs, and another called 'telnet-case', from a telnet session in Emacs. There is a significant additional block of debug info in the telnet-case, beginning after " SSH2_MSG_NEWKEYS received" . Upstream of that, there are small differences on two lines of debug info, on the first figures : debug2: dh_gen_key: priv key bits set: 119/256 (working case shows : 138/256) debug2: bits set: 1013/2048 (working case shows : 1040/2048) Are you able to interpret that (or other details in the attachments) ? Best regards, and , again, thanks S | Am I making sense? Does this explain the approach I'm thinking about? | Kai | On 7 Oct 2014, at 11:02, SENESI Stéphane wrote: | > Hello Kai | > | > Thanks for the hint but it does not work : after configuring that | > entry with the suggested ProxyCommand, invoking "ssh rt" just hangs | > (even outside of Emacs). | > | > And, also, in the former setting, changing the value of | > tramp-local-end-of-line from Ctrl-J to Ctrl-M did not succeed either. | > | > I had my network people here issue a ticket to the bastion | > manufacturer user support, but am not fully optimistic about getting a | > workable reply ... | > | > So any further idea is still welcome... | > | > Regards | > | > S | > | > ----- Mail original ----- | > | > | De: "Kai Großjohann" <[email protected]> | > | À: "SENESI Stéphane" <[email protected]> | > | Cc: "Michael Albinus" <[email protected]>, [email protected] | > | Envoyé: Lundi 6 Octobre 2014 23:50:17 | > | Objet: Re: Using a 'bastion' - issue when providing password | > | > | I think Michael meant that you create an additional ~/.ssh/config | > entry | > | beyond the "bel" one that you've got already. | > | > | If I recall correctly, you had to do ssh -t bel real@target , and | > bel was an | > | entry in ~/.ssh/config . | > | > | So: create a new entry "rt" in ~/.ssh/config that does ssh -t bel | > real@target | > | behind the scenes :-) | > | > | How to do that? Hmmm. | > | Host rt | > | ProxyCommand ssh -t bel real@target | > | > | Maybe that works, I'm not sure. | > | > | Kai | > | > | On 3 Oct 2014, at 15:50, SENESI Stéphane wrote: | > | | Hi Michael | > | | > | > | | Thanks for taking time for user support during your vacation !! | > | | > | | Three remarks : | > | | > | > | | ----- Mail original ----- | > | | > | > | | | De: "Michael Albinus" [email protected] | > | | > | | | À: "SENESI Stéphane" [email protected] | > | | > | | | Cc: [email protected] | > | | > | | | Envoyé: Vendredi 3 Octobre 2014 13:39:20 | > | | > | | | Objet: Re: Using a 'bastion' - issue when providing password | > | | > | > | | | Hi Stéphane, | > | | > | > | | | I am on vacations just now (btw, in France :-) | > | | > | | Enjoy ! but mind that weather will become rainy from Sunday for | > most parts | > | | of | > | | France | > | | > | > | | | so I cannot check in detail until I return. For the time being | > you might | > | | | try | > | | > | | | to add an entry to ~/.ssh/config for your bastion host, which | > fires the | > | | > | | | needed command. | > | | > | | As far as I understand, these bastion won't accept the user to | > isseu | > | | command, | > | | either directly or not, but only react to one of the two options I | > quoted | > | | (providing user@hots on first ssh command, or choosing an entry in | > a | > | | user@host's list | > | | > | > | | | Furthermore, there is a variable tramp-password-end-of-line (or | > so), | > | | | maybe | > | | > | | | you could tweak it somehow. | > | | > | | Do you refer to : | > | | > | | .... | > | | > | | (process-send-string | > | | > | | proc (concat (tramp-read-passwd proc) tramp-local-end-of-line)) | > | | > | | If yes, my value for tramp-local-end-of-line is C-j, which seems | > sensible | > | | .... If not, where is the best place to change it ? | > | | > | > | | Best regards | > | | > | > | | S | > | | > | > | | | Best regards, Michael. | > | | > | | -- | > | | > | | ----- Météo-France ----- | > | | > | | SENESI STEPHANE | > | | > | | CNRM/GMGEC/ASTER | > | | > | | [email protected] | > | | > | | Fixe : +33 561079931 | > | | > | > | | Tramp-devel mailing list | > | | > | | [email protected] | > | | > | | https://lists.gnu.org/mailman/listinfo/tramp-devel | > | | > | > -- | > ----- Météo-France ----- | > SENESI STEPHANE | > CNRM/GMGEC/ASTER | > [email protected] | > Fixe : +33 561079931 -- ----- Météo-France ----- SENESI STEPHANE CNRM/GMGEC/ASTER [email protected] Fixe : +33 561079931
working-case
Description: Binary data
telnet-case
Description: Binary data
_______________________________________________ Tramp-devel mailing list [email protected] https://lists.gnu.org/mailman/listinfo/tramp-devel
