Request for `-F` option

[labs-stellios]

This is a request to support a -F configfile option. As a user, I'd like to preserve my normal SSH flow with a bastion whose details are captured in an SSH config file.

[spook]

Howdy @labs-stellios - What would be in this config file? The option switch values? I don't understand your request, sorry.

[demotomohiro]

Hello, -F configfile option of ssh specifies an alternative per-user configuration file. Format of this config file is explained in man ssh_config.

I think adding -F option to sshping and pass specified path to ssh_options_parse_config would be fine.

Adding -F option to sshping can solve https://github.com/spook/sshping/issues/24 by adding ProxyJump option to the config file. In my case, I need to set ProxyCommand option to connect my ssh server.

[labs-stellios]

Ah sorry for the late reply, @spook . Here's an example host alias in my ~/.ssh/config if that helps. @demotomohiro has it spot on with the ProxyJump option:

Host some.place.cool
  HostName              127.0.0.1
  User                  yourstruly
  Port                  6255
  ProxyJump             bastion
  StrictHostKeyChecking no
  UserKnownHostsFile    /dev/null
  IdentityFile          /private/key/path.priv

[spook]

Ah, ok ... I get it. Sorry for being so dense. Yep we can do this.

[spook]

@labs-stellios I added the -F option, try it out, let me know if this is what you wanted.

[labs-stellios]

Thank you! In my use case, I'm getting a socket error, where I can normally SSH in OK:

$ ./sshping -vvv -F $BASTION_CONFIG remotehostname
User: --not specified--
Host: remotehostname
Port: 22
Echo: cat > /dev/null
 Cfg: /path/to/my/bastion.config

+++ Attempting connection to remotehostname:22
[2020/10/30 22:03:40.680452, 2] ssh_connect:  libssh 0.9.3 (c) 2003-2019 Aris Adamantiadis, Andreas Schneider and libssh contributors. Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_pthread
[2020/10/30 22:03:40.680567, 2] ssh_socket_connect_proxycommand:  Executing proxycommand 'ssh -W [127.0.0.1]:6256 bastion'
[2020/10/30 22:03:40.680908, 2] ssh_socket_connect_proxycommand:  ProxyCommand connection pipe: [3,4]
[2020/10/30 22:03:40.680991, 1] socket_callback_connected:  Socket connection callback: 1 (0)
[2020/10/30 22:03:40.681027, 2] ssh_connect:  Socket connecting, now waiting for the callbacks to work
[2020/10/30 22:03:40.813318, 1] ssh_socket_exception_callback:  Socket exception callback: 2 (104)
[2020/10/30 22:03:40.813394, 1] ssh_socket_exception_callback:  Socket error: Connection reset by peer
*** Error connecting: Socket error: Connection reset by peer
*** Cannot establish ssh session

[spook]

Hi @labs-stellios,

I'm unable to reproduce the failure you got. It's working for me with a similar bastion config:

$ cat ~/.ssh/cow-jump.cfg
Host g4t8660g
  HostName              g4t8660g.(hidden).com
  User                  (hidden)
  IdentityFile          /home/spook/.ssh/id_rsa
  ProxyJump             spook@cow  
  StrictHostKeyChecking no
  UserKnownHostsFile    /dev/null

$ sshping -vv -F ~/.ssh/cow-jump.cfg g4t8660g
User: --not specified--
Host: g4t8660g
Port: 22
Echo: cat > /dev/null
 Cfg: /home/spook/.ssh/cow-jump.cfg

+++ Attempting connection to g4t8660g:22
[2020/11/24 11:48:54.344510, 2] ssh_connect:  libssh 0.9.5 (c) 2003-2019 Aris Adamantiadis, Andreas Schneider and libssh contributors. Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_pthread
[2020/11/24 11:48:54.344568, 2] ssh_socket_connect_proxycommand:  Executing proxycommand 'ssh -l spook -W [g4t8660g.(masked).com]:22 cow'
[2020/11/24 11:48:54.344739, 2] ssh_socket_connect_proxycommand:  ProxyCommand connection pipe: [3,4]
[2020/11/24 11:48:54.344790, 1] socket_callback_connected:  Socket connection callback: 1 (0)
[2020/11/24 11:48:54.344815, 2] ssh_connect:  Socket connecting, now waiting for the callbacks to work
[2020/11/24 11:48:55.635228, 2] ssh_client_connection_callback:  SSH server banner: SSH-2.0-OpenSSH_5.3
    . . .
+++ Connected to g4t8660g:22
+++ Authenticated by public key method
+++ Login shell established
ssh-Login-Time:         4417053582 ns
+++ Echo responder started
    . . .

A difference I noticed is you have libssh 0.9.3 and I have 0.9.4. But your verbose output shows that it has properly formed the older proxycommand string (ssh -W ...). What do you get with a simple ssh -v -J command for the "debug1: Setting implicit ProxyCommand from ProxyJump: ..." line and the following line, and how does it compare to libssh's output?

[labs-stellios]

My usage seems off:

ssh -v -i /private/key/path.priv -J [email protected]:6255
usage: ssh [-@46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface]
           [-b bind_address] [-c cipher_spec] [-D [bind_address:]port]
           [-E log_file] [-e escape_char] [-F configfile] [-I pkcs11]
           [-i identity_file] [-J [user@]host[:port]] [-L address]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
           [-Q query_option] [-R address] [-S ctl_path] [-W host:port]
           [-w local_tun[:remote_tun]] destination [command]

[studgeek]

From what I can tell its not reading the config file since I don't get an error even if I give it a invalid filename?

$ bin/sshping -F FILEDOESNOTEXIST myhostname
*** Error connecting: Failed to resolve hostname myhostname (nodename nor servname provided, or not known)
*** Cannot establish ssh session

[waazaawaazaa]

@spook : May this also be an instance of https://github.com/spook/sshping/issues/28 ? It seems that your config does not have Port specified, while the config of @labs-stellios does.