[ale] SSH Tunnel and Agent Question

brian at polibyte.com brian at polibyte.com
Fri Sep 18 16:47:42 EDT 2009


I'm logged in to a server, host_1, with a private ip address that cannot
reach the internet. host_1 can reach host_2, which can then reach the
internet.

I want to pull some files from host_4. The only way to reach host_4 is
via a "bastion" server, host_3. host_1 can't connect to host_3, but
host_2 can.

host_2, host_3, and host_4 are all running sshd. My user on host_1 has
an ssh key that allows login to host_2, host_3, and host_4.

After some experimentation, I found that the following rsync line works.

rsync -ave "ssh -A host_2 ssh -A host_3 ssh" host_4:/remote/files/ /local/files

I was curious if I could do the same things with an ssh tunnel. I set
one up with

ssh -fNA -o ProxyCommand='ssh host_2 nc %h %p' -L 2222:host_4:22 host_3

I know the tunnel works, because I can do

ssh -vp 2222 localhost

and I'll be logged in to host_4. The end of the ssh debug messages say

debug1: Next authentication method: publickey
debug1: Offering public key:
debug1: Server accepts key: *snip*
debug1: Authentication succeeded (publickey).

However, when I try to use rsync over the tunnel

rsync -e "ssh -vp 2222" localhost:/remote/files/ /local/files

It doesn't work, and the end of the ssh debug messages says

debug1: Next authentication method: publickey
debug1: Offering public key:
debug1: Authentications that can continue: publickey,gssapi-with-mic
debug1: Offering public key:
debug1: Authentications that can continue: publickey,gssapi-with-mic
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-with-mic).

Why does rsync over the tunnel fail when ssh worked?

All the best,
Brian
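
Added example, not part of the original post: a client configuration for host_1 that describes the same topology once, so that ssh and rsync resolve identical connection settings. The `host_4-tunnel` alias, the `REMOTE_USER` placeholder and the presence of nc on host_3 are assumptions.

```sshconfig
# ~/.ssh/config on host_1 (added example, not from the original post)

# host_3 is reachable only through host_2, the same hop the post sets up
# with -o ProxyCommand on the command line.
Host host_3
    ProxyCommand ssh host_2 nc %h %p

# host_4 is reachable only through host_3. Every ssh client in this chain
# runs on host_1, so authentication to host_4 is end to end and no agent
# forwarding (-A) is needed: the agent socket never exists on host_2 or
# host_3, where anyone with root on those hosts could use it.
# Assumption: nc is installed on host_3 as well as host_2.
#   rsync -av host_4:/remote/files/ /local/files
Host host_4
    ProxyCommand ssh host_3 nc %h %p

# Alias for the post's existing "-L 2222:host_4:22" forward
# (hypothetical alias name).
#   rsync -av -e ssh host_4-tunnel:/remote/files/ /local/files
Host host_4-tunnel
    HostName localhost
    Port 2222
    # Verify the server key against host_4's known_hosts entry instead of
    # "[localhost]:2222", so a different service bound to that local port
    # fails host key checking.
    HostKeyAlias host_4
    # Placeholder: pin the remote account so it does not default to the
    # name of whichever local account launches ssh.
    User REMOTE_USER
```

This file is per user: a command started under a different local account reads that account's own ~/.ssh/config.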

