Hi Kai
Answers interspersed :
----- Mail original -----
| De: "Kai Großjohann" <[email protected]>
| À: "SENESI Stéphane" <[email protected]>
| Cc: "Michael Albinus" <[email protected]>, [email protected]
| Envoyé: Mardi 7 Octobre 2014 21:56:39
| Objet: Re: Using a 'bastion' - issue when providing password
| I'm hoping that it can be made to work somehow, just need to figure
out
| how. Get "ssh rt" working outside Emacs, then perhaps it works
inside
| Emacs, too.
| You could try "ssh -vvv rt" for a start, that should show you a
number
| of debug messages.
I did that. It does not work, either:
- when the ProxyCommad includes option '-t' : it ends with
"Pseudo-terminal will not be allocated because stdin is not a
terminal."
- when it does not : just hanging
| You could try to change the ProxyCommand to add "-vvv" to the ssh
| command in there.
| You could compare whatever you get from "ssh rt" with what you get
when
| you type the proxy command manually (use the same "-vvv" in both
cases).
I rather compared the outputs of "ssh -vvv" in two cases , on labeled
'working-case' in attachments where the command is issued outside of
Emacs, and another called 'telnet-case', from a telnet session in
Emacs. There is a significant additional block of debug info in the
telnet-case, beginning after " SSH2\_MSG\_NEWKEYS received" . Upstream
of that, there are small differences on two lines of debug info, on
the first figures :
debug2: dh\_gen\_key: priv key bits set: 119/256 (working case shows :
138/256)
debug2: bits set: 1013/2048 (working case shows : 1040/2048)
Are you able to interpret that (or other details in the attachments) ?
Best regards, and , again, thanks
S
| Am I making sense? Does this explain the approach I'm thinking
about?
| Kai
| On 7 Oct 2014, at 11:02, SENESI Stéphane wrote:
| > Hello Kai
| >
| > Thanks for the hint but it does not work : after configuring that
| > entry with the suggested ProxyCommand, invoking "ssh rt" just
hangs
| > (even outside of Emacs).
| >
| > And, also, in the former setting, changing the value of
| > tramp-local-end-of-line from Ctrl-J to Ctrl-M did not succeed
either.
| >
| > I had my network people here issue a ticket to the bastion
| > manufacturer user support, but am not fully optimistic about
getting a
| > workable reply ...
| >
| > So any further idea is still welcome...
| >
| > Regards
| >
| > S
| >
| > ----- Mail original -----
| >
| > | De: "Kai Großjohann" <[email protected]>
| > | À: "SENESI Stéphane" <[email protected]>
| > | Cc: "Michael Albinus" <[email protected]>,
[email protected]
| > | Envoyé: Lundi 6 Octobre 2014 23:50:17
| > | Objet: Re: Using a 'bastion' - issue when providing password
| >
| > | I think Michael meant that you create an additional
~/.ssh/config
| > entry
| > | beyond the "bel" one that you've got already.
| >
| > | If I recall correctly, you had to do ssh -t bel real@target ,
and
| > bel was an
| > | entry in ~/.ssh/config .
| >
| > | So: create a new entry "rt" in ~/.ssh/config that does ssh -t
bel
| > real@target
| > | behind the scenes :-)
| >
| > | How to do that? Hmmm.
| > | Host rt
| > | ProxyCommand ssh -t bel real@target
| >
| > | Maybe that works, I'm not sure.
| >
| > | Kai
| >
| > | On 3 Oct 2014, at 15:50, SENESI Stéphane wrote:
| > | | Hi Michael
| > |
| >
| > | | Thanks for taking time for user support during your vacation
!!
| > |
| > | | Three remarks :
| > |
| >
| > | | ----- Mail original -----
| > |
| >
| > | | | De: "Michael Albinus" [email protected]
| > |
| > | | | À: "SENESI Stéphane" [email protected]
| > |
| > | | | Cc: [email protected]
| > |
| > | | | Envoyé: Vendredi 3 Octobre 2014 13:39:20
| > |
| > | | | Objet: Re: Using a 'bastion' - issue when providing password
| > |
| >
| > | | | Hi Stéphane,
| > |
| >
| > | | | I am on vacations just now (btw, in France :-)
| > |
| > | | Enjoy ! but mind that weather will become rainy from Sunday
for
| > most parts
| > | | of
| > | | France
| > |
| >
| > | | | so I cannot check in detail until I return. For the time
being
| > you might
| > | | | try
| > |
| > | | | to add an entry to ~/.ssh/config for your bastion host,
which
| > fires the
| > |
| > | | | needed command.
| > |
| > | | As far as I understand, these bastion won't accept the user to
| > isseu
| > | | command,
| > | | either directly or not, but only react to one of the two
options I
| > quoted
| > | | (providing user@hots on first ssh command, or choosing an
entry in
| > a
| > | | user@host's list
| > |
| >
| > | | | Furthermore, there is a variable tramp-password-end-of-line
(or
| > so),
| > | | | maybe
| > |
| > | | | you could tweak it somehow.
| > |
| > | | Do you refer to :
| > |
| > | | ....
| > |
| > | | (process-send-string
| > |
| > | | proc (concat (tramp-read-passwd proc)
tramp-local-end-of-line))
| > |
| > | | If yes, my value for tramp-local-end-of-line is C-j, which
seems
| > sensible
| > | | .... If not, where is the best place to change it ?
| > |
| >
| > | | Best regards
| > |
| >
| > | | S
| > |
| >
| > | | | Best regards, Michael.
| > |
| > | | --
| > |
| > | | ----- Météo-France -----
| > |
| > | | SENESI STEPHANE
| > |
| > | | CNRM/GMGEC/ASTER
| > |
| > | | [email protected]
| > |
| > | | Fixe : +33 561079931
| > |
| >
| > | | Tramp-devel mailing list
| > |
| > | | [email protected]
| > |
| > | | https://lists.gnu.org/mailman/listinfo/tramp-devel
| > |
| >
| > --
| > ----- Météo-France -----
| > SENESI STEPHANE
| > CNRM/GMGEC/ASTER
| > [email protected]
| > Fixe : +33 561079931
--
----- Météo-France -----
SENESI STEPHANE
CNRM/GMGEC/ASTER
[email protected]
Fixe : +33 561079931
[working-case]
[telnet-case]
