[prev in list] [next in list] [prev in thread] [next in thread]
List: openssh-unix-dev
Subject: Re: possibility of a RemoteCommand option in the ssh config file
From: Ángel González <keisial () gmail ! com>
Date: 2016-09-28 21:19:19
Message-ID: 57EC33D7.8050904 () gmail ! com
[Download RAW message or body]
Paulmier wrote:
> Hi,
>
> About one year ago, someone (Simon Zack) asked about a RemoteCommand
> option.
>
> His question did not encounter a large amount of answers, maybe because
> Simon himself did not answer to a question from Darren Tucker about his use
> case ? However, I think I have a use case pretty close to Simon's one:
>
> Let's imagine a host named 'lxc.host.example.org', hosting many LXC
> containers named '<cont>.lxc.host.example.org'.
> With a RemoteCommand option, working pretty much the same as the
> ProxyCommand one, we could write something like:
>
> $ cat ~/.ssh/config
> Host host.lxc.example.org
> RequestTTY force
>
> Host *.host.lxc.example.org
> Hostname host.lxc.example.org
> RemoteCommand lxc-attach -n %h --
>
> That way, we would be able to attach to containers, without the need to run
> sshd inside each container, by running:
>
> $ ssh mycontainer.host.lxc.example.org
>
> A bit of difference with the ProxyCommand behaviour, though: the %h macro
> should expand to the host that was requested on the cli; not the one
> specified with Hostname.
You should use %n for that.
I like your use case, although you could the same thing (in a more
convoluted configuration)
using ForceCommand on the ssh key at the authorized_keys of
host.lxc.example.org
Cheers
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic