I would like to log in to a remote server by executing something like ssh remoteServer. The remote server can only be reached via a login server (of which there are two).
There are two routes I would like to be able to take (in case one login server cannot be used):
- A → B → D
- A → C → D
Some info:
- A: my local computer
- B: login server; only allows useameB/password login (no key file); I cannot make changes (save key file etc.)
- C: login server; allows key file login; I can make some changes (not a superuser though)
- D: target server; can only be reached from B or C; allows key file login
I'm using a password protected private key file (on A and C; the same one) which I can use to log in to C and D. Here's what I want:
- ssh B_D: Prompt for password of useameB@B and then for the password of the private key file for useameD@D. Since I cannot save the private key on B it has to be forwarded somehow. In case I have loaded it with ssh-agent it shouldn't ask for the password again.
- ssh C_D: Prompt for password of the private key once and then use it to log in to useameC@C and then useameD@D. Again, if the key was loaded with ssh-agent beforehand, it shouldn't prompt for a password.
Partly I'm able to use the following command to achieve the above (but only if the key was loaded with ssh-agent):
    ssh -A -t useameB@B ssh useameD@D
    ssh -A -t useameC@C ssh useameD@D
Is there perhaps a modification that loads the key file first but only for this session? If I log out the key file should then be unloaded.
The above command has two problems:
- I don't want to manually load the key first with ssh-agent. This defeats the purpose of having to enter only one command.
- I want to place this or an equivalent command into the ssh config file. If there is a different way to achieve what I want, that would be fine as well (as long as I don't need to modify anything on B or need superuser rights on C).
I was able to achieve something similar using the ssh config file:
    Host C
        HostName addressOfC
        User useameC
        IdentityFile ~/.ssh/id_rsa
        ForwardAgent yes

    Host C_D
        HostName addressD
        User useameD
        IdentityFile ~/.ssh/id_rsa
        Port 22
        ProxyCommand ssh -A -W %h:%p C
Again, two problems:
- I need to load the key with ssh-agent first. Otherwise it prompts twice for the password.
- It takes ages (24 seconds) to connect. I should mention here that I'm on Windows using MobaXterm, in case this is responsible for the 24 seconds.
There is one final catch: Forwarding the Agent does not seem to be safe according to https://heipei.github.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/. So a solution which avoids forwarding the agent would be nice.
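
Added example (not part of the original question): an ssh config for both routes with agent forwarding switched off. With ProxyCommand ssh -W the login server only relays the TCP stream, so the key authentication to D is done by the ssh client on A and neither the key nor the agent socket is exposed on B or C. Assumptions: addressOfB is a placeholder for B's address, and the OpenSSH client on A is 7.2 or later (needed for AddKeysToAgent).

```sshconfig
# ~/.ssh/config on A (added example; addressOfB is a placeholder)

Host B
    HostName addressOfB
    User useameB
    # B accepts passwords only, so never offer the key there.
    PubkeyAuthentication no
    PreferredAuthentications keyboard-interactive,password

Host C
    HostName addressOfC
    User useameC
    IdentityFile ~/.ssh/id_rsa

# Settings shared by both routes to D.
Host B_D C_D
    HostName addressD
    User useameD
    Port 22
    IdentityFile ~/.ssh/id_rsa

# Route A -> B -> D: B relays the connection, D is authenticated from A.
Host B_D
    ProxyCommand ssh -W %h:%p B

# Route A -> C -> D: same idea through C, no -A needed.
Host C_D
    ProxyCommand ssh -W %h:%p C

Host *
    # The agent socket never leaves A.
    ForwardAgent no
    # If an agent is running, the first passphrase entry loads the key into it,
    # so the hop to C and the hop to D share a single prompt.
    AddKeysToAgent yes

# To keep the key loaded only for one session, start ssh under its own agent:
#     ssh-agent ssh C_D
# That agent, and the key it holds, is gone when the ssh command exits.
```

If the key is already loaded in a running agent, plain ssh C_D and ssh B_D use it without asking for the passphrase; B_D still asks for the password of useameB@B.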