Mailing List Archive: [Bug 3490] Inconsistent behaviour when using -i and -J options

[Bug 3490] Inconsistent behaviour when using -i and -J options

Nov 16, 2022, 7:04 PM

Post #1 of 3 (148 views)

https://bugzilla.mindrot.org/show_bug.cgi?id=3490

Damien Miller <djm@mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WONTFIX
CC| |djm@mindrot.org
Status|NEW |RESOLVED

--- Comment #1 from Damien Miller <djm@mindrot.org> ---
This is intentional - most command-line arguments are applied only to
the destination (targethost in your example) and not the connection to
the jumphost. This is noted in the manual page description for -J:

> Note that configuration directives supplied on the command-line
> generally apply to the destination host and not any specified
> jump hosts. Use ~/.ssh/config to specify configuration for jump
> hosts.

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3490] Inconsistent behaviour when using -i and -J options [ In reply to ]

bugzilla-daemon at mindrot

Nov 17, 2022, 4:22 AM

Post #2 of 3 (148 views)

Permalink

https://bugzilla.mindrot.org/show_bug.cgi?id=3490

--- Comment #2 from Stephan Wonczak <wonczak@uni-koeln.de> ---
I still think this is inconsistent an unexpected behaviour. For one
thing, the documentation in "man" for -J is far from clear, expecially
in respect to the interactions with keys.
If an explicit key is supplied by "-i" it should at least be offered to
the jump host - as a user this is what I would expect. And in a way,
this is the behaviour if I use ssh-agent to have a key in my local key
purse. I see no reason why this should differ from supplying a key on
the command line, especially when it is possible to use multiple "-i".
This would also cover the case when the required key for the jump host
differs from the key for the target host - simply supply both keys via
-i.
On the other hand it really is unexpected when an explicitly given
(correct!) key is not even offered to the jump host.

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3490] Inconsistent behaviour when using -i and -J options [ In reply to ]

bugzilla-daemon at mindrot

Nov 17, 2022, 4:02 PM

Post #3 of 3 (147 views)

Permalink

https://bugzilla.mindrot.org/show_bug.cgi?id=3490

--- Comment #3 from Damien Miller <djm@mindrot.org> ---
Well, it's definitely not inconsistent. Inconsistency would be some
options being passed and others not - and we definitely don't want to
unconditionally pass commandline options through. E.g. I'd almost never
want -A passed through to the jump host.

So we have to make a decision: pass no options and be consistent, or
pass some options and be inconsistent. We chose consistency, because
it's easier to reason about deterministically.

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs