Remote Access/Single Command: Unterschied zwischen den Versionen
imported>Burghardt |
imported>Burghardt |
||
(4 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 20: | Zeile 20: | ||
=== GUI applications === |
=== GUI applications === |
||
− | For Linux this will also forward "X" - every installed graphical software will run on <tt>c034</tt> (in this example) and the graphical representation is displayed on the local machine. |
+ | For Linux this will also forward "[[X]]" - every installed graphical software will run on <tt>c034</tt> (in this example) and the graphical representation is displayed on the local machine. |
− | |||
⚫ | |||
⚫ | |||
=== ProxyCommand === |
=== ProxyCommand === |
||
Zeile 33: | Zeile 32: | ||
ProxyCommand ssh myuserid@login.stud.informatik.uni-goettingen.de nc %h %p |
ProxyCommand ssh myuserid@login.stud.informatik.uni-goettingen.de nc %h %p |
||
− | into your local <tt>.ssh/config</tt> does actually work - but in a way you will not like very much as you need to enter your password twice: |
+ | ...into your local <tt>.ssh/config</tt> does actually work - but in a way you will not like very much as you need to enter your password twice: |
− | * ssh C34 does connect to login.stud - and you need to enter your password the first time to establish the connection |
+ | * <tt>ssh C34</tt> does connect to <tt>login.stud</tt> - and you need to enter your password the first time to establish the connection |
− | * ProxyCommand has been executed and the connection to c034 is going to get established originating from your local computer. You need to satisfy the (second) |
+ | * <tt>ProxyCommand</tt> has then been executed and the actual connection to <tt>c034</tt> is going to get established originating from your local computer. You need to satisfy the (second) password prompt coming from <tt>c034</tt> by entering the password a second time |
− | |||
⚫ | |||
⚫ | |||
+ | (There are also some other positive effects though: using <tt>ProxyCommand</tt> simplifies solving some "double-hop-port-forwarding" issues.) |
||
== See also == |
== See also == |
Aktuelle Version vom 25. November 2015, 17:32 Uhr
Combine two ssh commands
If you know the final destination you can combine two sequential ssh commands into one single command by simple put them together in one line. The only required "trick" is the -t parameter. Without this the second hop "hangs" around without a connected tty-Terminal - no output/input is possible even though the connection is established.
Verbatim terminal copy-n-paste (just eliminated some text):
~$ ssh -t gtest2@login.stud ssh -t c034.cip.loc ####### ####### login.stud.informatik.uni-goettingen.de ... ## Bitte auf einem der c0xx PC 'weiterhangeln' um zu arbeiten. ## ####### gtest2@login.stud's password: Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-68-generic x86_64) * Documentation: https://help.ubuntu.com/ Last login: Wed Nov 25 16:07:41 2015 from login.cip.loc gtest2@c034:~$
Exactly the same is possible with PuTTY - you just have to enter "ssh cip034.cip.loc" in the configuration setting Connection --> SSH --> Remote command:. Works like a charm ;-)
GUI applications
For Linux this will also forward "X" - every installed graphical software will run on c034 (in this example) and the graphical representation is displayed on the local machine.
To accomplish this on Windows you need an installed and running X-Server (e.g. Xming) of course.
ProxyCommand
Asking the All Knowing Trash Heap [1] you will find valid solutions using ProxyCommand. Putting this:
Host C34 HostName c034.cip.loc User myuserid ProxyCommand ssh myuserid@login.stud.informatik.uni-goettingen.de nc %h %p
...into your local .ssh/config does actually work - but in a way you will not like very much as you need to enter your password twice:
- ssh C34 does connect to login.stud - and you need to enter your password the first time to establish the connection
- ProxyCommand has then been executed and the actual connection to c034 is going to get established originating from your local computer. You need to satisfy the (second) password prompt coming from c034 by entering the password a second time
The simpler double ssh approach from above uses Kerberos Ticket Forwarding. For this reason you only need to enter the password once. If you already have a valid Kerberos ticket you do not need to enter any password at all! :-)
(There are also some other positive effects though: using ProxyCommand simplifies solving some "double-hop-port-forwarding" issues.)