vscode-remote-x11 icon indicating copy to clipboard operation
vscode-remote-x11 copied to clipboard

Published 20 hours ago verified publisher icon joelspadin

Bastion (jump host) support?

Open maxrpi opened this issue 5 years ago • 6 comments
trafficstars

I have a remote setup with an intervening bastion machine, a.k.a., a "jump host". I use a ProxyCommand in my ssh_config file to allow the Remote (SSH) extension to sail right through. But of course, the ssh2 process being launched by remote-x11 does not take its cues from the ssh_config file and the connection to the target machine fails, even with a manually specified host. That host is just not accessible without going through the bastion machine.

Any chance you can support bastion hosts? They're not that uncommon. ssh2 does have a connection hopping solution here: https://github.com/mscdex/ssh2/issues/764. Also consider the https://github.com/Stocard/node-ssh-forward library that wraps the ssh2 jump host functionality reasonably neatly.

maxrpi avatar Sep 19 '20 03:09 maxrpi

I could attempt to support it, but I don't have a setup like that readily available to test against. (I also have other things I'd rather spend me free time on than this extension at the moment.) I'll gladly accept a PR for it though.

I did find a library for parsing ssh_config, though I didn't find anything that would automatically make ssh2 honor ssh_config. I'll make another issue to see if I can at least read the settings I do support from it though.

joelspadin avatar Sep 19 '20 23:09 joelspadin

I'm unlikely to get to it either, because of other obligations.

I'll point out that you don't really need a bastion set up to test. It's basically hopping from any host with an sshd to another host with an sshd running. Even two ports on the same machine.

maxrpi avatar Sep 23 '20 18:09 maxrpi

@maxrpi Try https://github.com/joelspadin/vscode-remote-x11/pull/34, let me know if it works for your use case.

rcketscientist avatar Oct 23 '20 11:10 rcketscientist

Hi! Thanks for the excellent extension. It made my life a lot easier. Would you like to restart work on this issue/associated PR. I have a setup that can be used for testing; and having this (proxy jump capability) would be great :)

harivyasi avatar May 14 '21 00:05 harivyasi

Have you tested whether jump hosts work with the official x11 forwarding support yet?

Since Microsoft added support for SSH forwarding to their Remote SSH extension, I do not plan to do any more work on the SSH part of this extension.

joelspadin avatar May 14 '21 00:05 joelspadin

It worked, our company switched to 2-factor and broke any chance of this working the day after I submitted a PR, lol. But for a traditional situation I think the PR comments were valid and this shouldn't be far from a valid solution.

On Thu, May 13, 2021, 20:10 Joel Spadin @.***> wrote:

Have you tested whether jump hosts work with the official x11 forwarding support yet?

Since Microsoft added support for SSH forwarding to their Remote SSH extension https://github.com/microsoft/vscode-docs/blob/main/remote-release-notes/v1_54.md#ssh, I do not plan to do any more work on the SSH part of this extension.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/joelspadin/vscode-remote-x11/issues/31#issuecomment-840906799, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA6W5LTBV77TM6BBAK3EFKTTNRS5TANCNFSM4RSYUSWQ .

rcketscientist avatar May 14 '21 00:05 rcketscientist