|

SSH (Secure Shell)

can sshclient execute a local command ?

View: New views

8 Messages — Rating Filter: Alert me

	can sshclient execute a local command ? by J. Bakshi-3 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message Hello list, I have openssh-client __1:5.1p1-5+b1 installed in my debian box. I have remote ssh information stored in my .ssh/config file. I have protected one remote ssh by fwknop. When I need ssh login to that particular sever I have to open the port with fwknop client installed in my local box. Is there any option in sshclient so that It can execute a local command ( here the fwknop obviously ) before doing ssh to that remote server ? Thanks
	Re: can sshclient execute a local command ? by Aarón Mizrachi :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message On Martes 21 Julio 2009 12:29:44 J. Bakshi escribió: > Hello list, > > I have openssh-client __1:5.1p1-5+b1 installed in my debian box. I have > remote ssh information stored in my .ssh/config file. I have protected one > remote ssh by fwknop. When I need ssh login to that particular sever I have > to open the port with fwknop client installed in my local box. Is there any > option in sshclient so that It can execute a local command ( here the > fwknop obviously ) before doing ssh to that remote server ? > > Thanks You can do something like that defining some alias on /etc/bashrc alias ssh="function dossh { fwknop -A \"tcp/22\" -s -D \$1; /usr/bin/ssh -l myuser \$1; }; dossh " Then: ssh myhost Moreover... for more complex expresion... you can add the user parameter as $2, add if's if you want, or even use the $@ and extract the hostname from the parameters to use it on fwknop and use the rest of the argument on -A and ssh command. -- Ing. Aaron G. Mizrachi P. http://www.unmanarc.com Mobil 1: + 58 416-6143543 Mobil 2: + 58 424-2412503 BBPIN: 0x 247066C1 signature.asc (205 bytes) Download Attachment
	Re: can sshclient execute a local command ? by J. Bakshi-3 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message On Wed, 22 Jul 2009 01:27:14 -0430 Aar__n Mizrachi <unmanarc@...> wrote: > On Martes 21 Julio 2009 12:29:44 J. Bakshi escribi__: > > Hello list, > > > > I have openssh-client __1:5.1p1-5+b1 installed in my debian box. I > > have remote ssh information stored in my .ssh/config file. I have > > protected one remote ssh by fwknop. When I need ssh login to that > > particular sever I have to open the port with fwknop client > > installed in my local box. Is there any option in sshclient so that > > It can execute a local command ( here the fwknop obviously ) before > > doing ssh to that remote server ? > > > > Thanks > > You can do something like that defining some alias on /etc/bashrc > > alias ssh="function dossh { fwknop -A \"tcp/22\" -s -D > \$1; /usr/bin/ssh -l myuser \$1; }; dossh " > > Then: ssh myhost > > Moreover... for more complex expresion... you can add the user > parameter as $2, add if's if you want, or even use the $@ and extract > the hostname from the parameters to use it on fwknop and use the rest > of the argument on -A and ssh command. > > well, using the alias is a brilliant idea, but I have multiple hosts and they have different fwknop encryption password. That's why I stored all the server info at .ssh/config file. It would be helpful if ssh can execute local command for individual host prior to its connection attempt.
	Re: can sshclient execute a local command ? by Tim Walberg-2 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message Perhaps this approaches what you're trying to do: http://code.google.com/p/ssh-fwknop/ On 07/22/2009 22:21 +0530, J. Bakshi wrote: >> On Wed, 22 Jul 2009 01:27:14 -0430 >> Aar__n Mizrachi <unmanarc@...> wrote: >> >> > On Martes 21 Julio 2009 12:29:44 J. Bakshi escribi__: >> > > Hello list, >> > > >> > > I have openssh-client __1:5.1p1-5+b1 installed in my debian box. I >> > > have remote ssh information stored in my .ssh/config file. I have >> > > protected one remote ssh by fwknop. When I need ssh login to that >> > > particular sever I have to open the port with fwknop client >> > > installed in my local box. Is there any option in sshclient so that >> > > It can execute a local command ( here the fwknop obviously ) before >> > > doing ssh to that remote server ? >> > > >> > > Thanks >> > >> > You can do something like that defining some alias on /etc/bashrc >> > >> > alias ssh="function dossh { fwknop -A \"tcp/22\" -s -D >> > \$1; /usr/bin/ssh -l myuser \$1; }; dossh " >> > >> > Then: ssh myhost >> > >> > Moreover... for more complex expresion... you can add the user >> > parameter as $2, add if's if you want, or even use the $@ and extract >> > the hostname from the parameters to use it on fwknop and use the rest >> > of the argument on -A and ssh command. >> > >> > >> >> well, using the alias is a brilliant idea, but I have multiple hosts and they have different fwknop encryption password. That's why I stored all the server info at .ssh/config file. It would be helpful if ssh can execute local command for individual host prior to its connection attempt. End of included message -- +----------------------+ \| Tim Walberg \| \| 830 Carriage Dr. \| \| Algonquin, IL 60102 \| \| twalberg@... \| +----------------------+
	Re: can sshclient execute a local command ? by J. Bakshi-3 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message On Thu, 23 Jul 2009 12:16:46 -0500 Tim Walberg <twalberg@...> wrote: > Perhaps this approaches what you're trying to do: > > http://code.google.com/p/ssh-fwknop/ Thanks, a nice wrapper. It will help me to a great extend. many many thanks. > > > On 07/22/2009 22:21 +0530, J. Bakshi wrote: > >> On Wed, 22 Jul 2009 01:27:14 -0430 > >> Aar__n Mizrachi <unmanarc@...> wrote: > >> > >> > On Martes 21 Julio 2009 12:29:44 J. Bakshi escribi__: > >> > > Hello list, > >> > > > >> > > I have openssh-client __1:5.1p1-5+b1 installed in my > >> > > debian box. I have remote ssh information stored in > >> > > my .ssh/config file. I have protected one remote ssh by > >> > > fwknop. When I need ssh login to that particular sever > >> > > I have to open the port with fwknop client installed in > >> > > my local box. Is there any option in sshclient so that > >> > > It can execute a local command ( here the fwknop > >> > > obviously ) before doing ssh to that remote server ? > >> > > > >> > > Thanks > >> > > >> > You can do something like that defining some alias > >> > on /etc/bashrc > >> > > >> > alias ssh="function dossh { fwknop -A \"tcp/22\" -s -D > >> > \$1; /usr/bin/ssh -l myuser \$1; }; dossh " > >> > > >> > Then: ssh myhost > >> > > >> > Moreover... for more complex expresion... you can add the > >> > user parameter as $2, add if's if you want, or even use > >> > the $@ and extract the hostname from the parameters to > >> > use it on fwknop and use the rest of the argument on -A > >> > and ssh command. > >> > > >> > > >> > >> well, using the alias is a brilliant idea, but I have > >> multiple hosts and they have different fwknop encryption > >> password. That's why I stored all the server info > >> at .ssh/config file. It would be helpful if ssh can execute > >> local command for individual host prior to its connection > >> attempt. > End of included message > > >
	Re: can sshclient execute a local command ? by Aaron Davies-2 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message On Jul 23, 2009, at 12:51 AM, J. Bakshi wrote: > well, using the alias is a brilliant idea, but I have multiple hosts > and they have different fwknop encryption password. That's why I > stored all the server info at .ssh/config file. It would be helpful > if ssh can execute local command for individual host prior to its > connection attempt. the unix philosophy is "do one thing and do it well". the shell is the traditional place to handle glue problems like this. e.g., if only one of your servers needs to be fwknop'd first, something like this: #!/bin/sh test "$1" == sekrit.server && fwknop ... /usr/bin/ssh $* fill in the server and the fwknop params, name it "ssh", and put it somewhere ahead of /usr/bin in your PATH. -- Aaron Davies aaron.davies@...
	Re: can sshclient execute a local command ? by "Peter Valdemar Mørch (Lists)" :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message ProxyCommand is king. How about this in ~/.ssh/config: Host secret.server.com ProxyCommand /some/path/fwknopssh secretfwknopparam %h Host othersecret.server.com ProxyCommand /some/path/fwknopssh othersecret %h And then /some/path/fwknopssh being: #!/bin/bash param=$1 host=$2 # Do something with $param, e.g. run fwknop. I just: echo $param > /tmp/fwknop nc -w 1 $host 22 I got the "secretfwknopparam" and "othersecret" to end up in /tmp/fwknop before logging in to the servers. Does that work for you? Peter -- Peter Valdemar Mørch http://www.morch.com
	Re: [SOLVED] can sshclient execute a local command ? by J. Bakshi-3 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message Thanks to all of you for your suggestions. I have finally solved it. Simplicity is beauty and we can solve complex problem with simple tricks. I have modified my self-designed sshmanager script to knock with fwknop if the remote host has fwknop server. Just see the configuration of .ssh/config .ssh/config ```````````````````` Host example1 .... .... Host example2 #fwknop -A 22/tcp -R -D remoteserver.com Hostname remoteserver.c Host exampl3 ....... ````````````````````````````` Here is the function I have added in my sshmanager script ```````````````````````````` check_fwknop() { # Check if the Host is protected by fwknop by checking the next line # Note: If you have fwknop configureation place it just next to Host #(commented by # ) # at .ssh/config file fwknop_status=`sed -n "/$ssh_Server/,+1 p" ~/.ssh/config \ \|grep fwknop \| sed -e 's/#//g'` if [ ! -z "$fwknop_status" ] then echo `$fwknop_status` 1 > /dev/null fi } ````````````````````````````````` The trick is, if the server has fwknop then add the fwknop configuration ( following #) at the next line of concerened Host name. The function check the next line of Host and if it found fwknop there then execute it before doing ssh. Simplicity is beauty. On Fri, 24 Jul 2009 00:53:44 +0200 "Peter Valdemar M__rch (Lists)" <4ux6as402@...> wrote: > ProxyCommand is king. > > How about this in ~/.ssh/config: > > Host secret.server.com > ProxyCommand /some/path/fwknopssh secretfwknopparam %h > Host othersecret.server.com > ProxyCommand /some/path/fwknopssh othersecret %h > > And then /some/path/fwknopssh being: > > #!/bin/bash > param=$1 > host=$2 > # Do something with $param, e.g. run fwknop. I just: > echo $param > /tmp/fwknop > nc -w 1 $host 22 > > I got the "secretfwknopparam" and "othersecret" to end up > in /tmp/fwknop before logging in to the servers. > > Does that work for you? > > Peter