https://bugzilla.mindrot.org/show_bug.cgi?id=3186
Bug ID: 3186
Summary: ProxyJump should include IdentityFile when specified
Product: Portable OpenSSH
Version: 8.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs@mindrot.org
Reporter: david@systemoverlord.com
While ProxyJump (-J) is documented as not taking the configuration for
the destination host (which makes sense for most things, like port
forwarding, X11 forwarding, environment, etc.), it seems that it's not
uncommon to want to use the same SSH key to authenticate to both hosts.
In such cases, passing -i on the command line fails as it's not used
for authenticating to the jump host.
I believe that when -J and -i are both used on the command line, the
provided identity file should also be attempted for the jump host, and
there's little risk (aside from exposing the fingerprint of the
additional public key to the intermediate host).
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
Bug ID: 3186
Summary: ProxyJump should include IdentityFile when specified
Product: Portable OpenSSH
Version: 8.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs@mindrot.org
Reporter: david@systemoverlord.com
While ProxyJump (-J) is documented as not taking the configuration for
the destination host (which makes sense for most things, like port
forwarding, X11 forwarding, environment, etc.), it seems that it's not
uncommon to want to use the same SSH key to authenticate to both hosts.
In such cases, passing -i on the command line fails as it's not used
for authenticating to the jump host.
I believe that when -J and -i are both used on the command line, the
provided identity file should also be attempted for the jump host, and
there's little risk (aside from exposing the fingerprint of the
additional public key to the intermediate host).
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs