sshfs-win icon indicating copy to clipboard operation
sshfs-win copied to clipboard

Published 20 hours ago verified publisher icon winfsp

SSHFS over jumphost fails

Open asbe opened this issue 4 years ago • 15 comments

Hi, trying to set up sshfs over a jumphost. Have made sure the ssh.exe in the bin folder is first in path. SSH seems to read my global config, which works as expected using ssh. I get equivalent output if I try to use one of the configured hostnames from the config (where jumphost is explicitly stated using ProxyJump)

Seems similar issues are still open, is there a need for the /bin/sh it tries to call?

C:\Program Files\SSHFS-Win\bin
λ sshfs -o idmap=user -o ssh_command="/bin/ssh.exe -vvv -J jumphost.my.com -i /cygdrive/path/to/privkey" -osshfs_debug,LOGLEVEL=debug3 [email protected]: x:
SSHFS version 3.5.2
executing </bin/ssh.exe> <-vvv> <-J> <jumphost.my.com> <-i> </cygdrive/path/to/privkey> <-x> <-a> <-oClearAllForwardings=yes> <-oLOGLEVEL=debug3> <-2> <[email protected]> <-s> <sftp>
OpenSSH_8.0p1, OpenSSL 1.1.1d  10 Sep 2019
debug1: Reading configuration data /cygdrive/path/to/config
debug1: Setting implicit ProxyCommand from ProxyJump: /bin/ssh -vvv -W '[%h]:%p' jumphost.my.com
debug1: Executing proxy command: exec /bin/ssh -vvv -W '[farside.my.com]:22' jumphost.my.com
debug1: identity file /cygdrive/path/to/privkey type -1
debug1: identity file /cygdrive/path/to/privkey-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.0
/bin/sh: No such file or directory
kex_exchange_identification: Connection closed by remote host
read: Connection reset by peer

asbe avatar Mar 27 '20 20:03 asbe

Hello

I have the same issue. Sssh connection through jumphost is working with ssh.exe (in cygwin) but not with the ssh.exe coming with SSHFS-Win. Is there any solution ?

jcsouplet avatar Jun 22 '20 20:06 jcsouplet

same Problem

ghost avatar Nov 12 '20 08:11 ghost

Same problem. Connecting to the jumphost works but jumping doesn't. Did any of you guys manage to work it out? @basti12203 @jcsouplet @asbe For me, regular ssh nameofserver works so it must be something with the specific ssh version used

doivosevic avatar Nov 19 '20 16:11 doivosevic

@billziss-gh is this a supported scenario?

doivosevic avatar Nov 20 '20 12:11 doivosevic

can I please get any answer on this? I'm more ok with this scenario not being supported than not getting any answer at all

doivosevic avatar Dec 01 '20 12:12 doivosevic

Same issue - jumping failed.

The curious part is, debug info seems to show that it has succeeded (right before it got reset by peer)

debug1: Authentication succeeded (publickey).
Authenticated to redwood.gpu (via proxy).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: proc
debug1: client_input_global_request: rtype [email protected] want_reply 0
debug1: Remote: /home/username/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /home/username/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Sending subsystem: sftp
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2728, received 2960 bytes, in 0.2 seconds
Bytes per second: sent 11568.2, received 12552.0
debug1: Exit status 0
read: Connection reset by peer

I confirmed that using sshfs under wsl2 in command-line works (as in, it can jump). So it looks like an SSHFS-win problem. Any comments are appreciated.

Cuberick-Orion avatar Jun 23 '21 06:06 Cuberick-Orion

Is there any solution for this ? Trying to use a jumphost while being on VPN. Have had no success so far

fschiffers avatar Oct 11 '21 13:10 fschiffers

A dirty solution:

  1. Download busybox-w32 and place it somewhere you like
  2. "Install" busybox to /path/to/SSHFS-Win/bin (run as administrator): 
    .\busybox --install "C:/Program Files/SSHFS-Win/bin"

Only sh.exe is needed, you can delete other hard links. Alternatively, you may just create a hard link (/path/to/SSHFS-Win/bin/sh.exe -> /path/to/busybox.exe) manually instead of letting busybox do for you.

Rongronggg9 avatar Jan 15 '22 19:01 Rongronggg9

@Rongronggg9 Could you explain in more detail what the next steps are to map a network drive via SSHFS? I have done what you suggested, but it seems to have no effect when I afterwards try to do the mapping as indicated in the README.

mrcblt avatar Jan 19 '22 11:01 mrcblt

@Rongronggg9 Could you explain in more detail what the next steps are to map a network drive via SSHFS? I have done what you suggested, but it seems to have no effect when I afterwards try to do the mapping as indicated in the README.

@mrcblt It is impossible to map a network drive in the Explorer if you would like to use a proxy jump. You must mount the network drive by manually using sshfs.

Command (note that -o ssh_command=bin/ssh.exe is essential, unless /path/to/SSHFS-Win/bin is on top of your PATH):

sshfs [user@]host:[dir] mountpoint -o ssh_command=bin/ssh.exe [options]

To use a proxy jump, you may replace -o ssh_command=bin/ssh.exe with -o ssh_command="bin/ssh.exe -J [user@]host[:port]". But I recommend you to set a proxy jump in ~/.ssh/config:

Host jump
        Hostname jump.example.com
        User jump
        Port 1234

Host drive
        Hostname drive.example.com
        User drive
        Port 4321
        ProxyJump jump

Then mount it using sshfs:

sshfs drive:/path/to/mount Z: -o ssh_command=bin/ssh.exe

Rongronggg9 avatar Jan 19 '22 13:01 Rongronggg9

@Rongronggg9 I have exactly that (just different user and hostnames. I get a reed: Connection reset by peer error.

ElanHasson avatar Jun 21 '22 22:06 ElanHasson

@ElanHasson Have you done this? https://github.com/winfsp/sshfs-win/issues/166#issuecomment-1013741113

Rongronggg9 avatar Jun 22 '22 01:06 Rongronggg9

would be awesome to support this

Goddard avatar Jan 11 '23 20:01 Goddard

@Goddard just to mention it sshf-win can utilize jump hosts, the procedure is described here,

https://github.com/winfsp/sshfs-win/blob/0fd26684695513f8b6f46d70a941a2c97a9c3c82/README.md?plain=1#L141-L165

and works flawlessly for me

BrianMarre avatar Jan 12 '23 09:01 BrianMarre

@Rongronggg9 Could you explain in more detail what the next steps are to map a network drive via SSHFS? I have done what you suggested, but it seems to have no effect when I afterwards try to do the mapping as indicated in the README.

@mrcblt It is impossible to map a network drive in the Explorer if you would like to use a proxy jump. You must mount the network drive by manually using sshfs.

Command (note that -o ssh_command=bin/ssh.exe is essential, unless /path/to/SSHFS-Win/bin is on top of your PATH):

sshfs [user@]host:[dir] mountpoint -o ssh_command=bin/ssh.exe [options]

To use a proxy jump, you may replace -o ssh_command=bin/ssh.exe with -o ssh_command="bin/ssh.exe -J [user@]host[:port]". But I recommend you to set a proxy jump in ~/.ssh/config:

Host jump
        Hostname jump.example.com
        User jump
        Port 1234

Host drive
        Hostname drive.example.com
        User drive
        Port 4321
        ProxyJump jump

Then mount it using sshfs:

sshfs drive:/path/to/mount Z: -o ssh_command=bin/ssh.exe

Great solution!That works well for me.

wsj-sjtu avatar Jun 05 '23 14:06 wsj-sjtu