1

I usually connect to a remote machine through a firewall with:

ssh -xv farshidhss@ras.cse.ust.hk

And then:

ssh -xv luca@10.89.100.72

Notice that remote is actually an IP address. I've seen this question and tried to write my ~/.ssh/config file as:

Host ras            
Hostname ras.cse.ust.hk
User farshidhss         

Host farshid
ProxyCommand ssh -q ras nc -q0 10.89.100.72 22

And then tried ssh -xv luca@farshid, but it stucks at the last line of:

luca@jarvis:~$ ssh -xv luca@farshid
OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g  1 Mar 2016
debug1: Reading configuration data /home/luca/.ssh/config
debug1: /home/luca/.ssh/config line 5: Applying options for farshid
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Executing proxy command: exec ssh -q ras nc -q0 10.89.100.72 22
debug1: permanently_drop_suid: 1000
debug1: identity file /home/luca/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/luca/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/luca/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/luca/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/luca/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/luca/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/luca/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/luca/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1

I checked that the ports are correct and tried also ProxyCommand ssh -W 10.89.100.72:22 farshid but without success and netcat is installed on ras.cse.ust.hk (which nc returned /bin/nc).

Updated ~/ssh/config:

Host ras            
Hostname ras.cse.ust.hk
User farshidhss         

Host farshid
User luca

ProxyCommand ssh -o 'ForwardAgent yes' farshidhss@ras.cse.ust.hk 'ssh-add && nc %h %p'

Tried to connect with ssh -xv farshid but having same output of before and stucked there

Community
  • 1
user6321
  • 175
  • Try ProxyCommand ssh -o 'ForwardAgent yes' ras 'ssh-add && nc %h %p' and set User luca under your entry for Host farshid. Also on the remote system, the messages form sshd in the logfiles might prove useful. Client-side ssh doesn't give much info on why a connection failed. – con-f-use Mar 26 '17 at 14:23
  • @con-f-use thanks for your answer, please give a look at my updated question – user6321 Mar 26 '17 at 14:31
  • Not quiet what I meant. So, your ~/.ssh/config should be like in the link and then connect with ssh farshid. – con-f-use Mar 26 '17 at 14:46
  • @con-f-use is the updated version right now? – user6321 Mar 26 '17 at 15:03
  • No, look at my link: ~/.ssh/config – con-f-use Mar 26 '17 at 15:04
  • If you have new enough ssh, use ssh -W 10.89.100.72:22 ras as a proxy command. 2) Show us more debug information. Add -vvv to both of the ssh commands or use LogLevel DEBUG3 in ssh_config for both of the hosts.
    • – Jakuje Mar 26 '17 at 16:12
  • @con-f-use thanks for your help, now it works correctly. However, if I want to do both connection with -xC for speeding up the ssh session (taken from here ), all I need to do is ProxyCommand ssh -xoC ... or what? – user6321 Mar 27 '17 at 17:05
  • @con-f-use in addition, in the question that I linked above it seems that commands like scp should work. Both rsync and scp seems not to work, both if sending or receiving data. – user6321 Mar 27 '17 at 17:40
  • For compression, I would add something like Compression yes and CompressionLevel 5 below Hostname ras.cse.ust.hk. Copying with scp for instance using the command scp farshid:~/.bashrc farshidbashrc should work. For rsync you might need to add the appropriate ssh-key with the -i option. – con-f-use Mar 28 '17 at 08:52