Subject: Solaris 8 / ACE PAM Agent / OpenSSH 3.8p1 Difficulties - msg#00013

Previous Message by Date: click to view message preview

running an (open)ssh session ONLY to forward ports.

According to my reading of the man page, the command: ssh -L 5999:cvs.mynet.com:5999 -l me -n -N -T -x myserver should open a session to the sshd on myserver. (Assuming I have keys set up to allow the authentication). the session should just hang around with: -n with all input "disabled" -N No remote command executed. -T No remote pty allocated on the far end -x no X11 forwarded. and wait for connections on port 5999 However, it doesn't seem to work that way. here> ssh -L 5999:cvs.mynet.com:5999 -l me -n -N -T -x myserver Warning: no access to tty (Bad file descriptor). Thus no job control in this shell. stty: stdin isn't a terminal stty: stdin isn't a terminal `/usr/bin/tty`: Ambiguous. here> Is there a set of options that will open a session which does NOTHING but forward ports WITHOUT openning any tty session at all. Preferably the session would hang around forever waiting for connections at port 5999. but if it quit after the connection at 5999 exited that would be ok as I could just put it in a for loop (or in /etc/ttys so that init restarts it.) I don't want any shells or othre resources used on the server. Just an sshd forwarding my data. thanks Julian p.s. OpenSSH version installed: OpenSSH_3.5p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL 0x0090701f (with some security patched applied)

Next Message by Date: click to view message preview

Re: running an (open)ssh session ONLY to forward ports.

Am 11:20 07.04.2004 -0700 teilte Julian Elischer mir folgendes mit: -> ->According to my reading of the man page, the command: -> ->ssh -L 5999:cvs.mynet.com:5999 -l me -n -N -T -x myserver -> ->should open a session to the sshd on myserver. ->(Assuming I have keys set up to allow the authentication). -> ->the session should just hang around with: ->-n with all input "disabled" ->-N No remote command executed. ->-T No remote pty allocated on the far end ->-x no X11 forwarded. ->and wait for connections on port 5999 -> -> ->However, it doesn't seem to work that way. -> ->here> ssh -L 5999:cvs.mynet.com:5999 -l me -n -N -T -x myserver -> <snip> ->I don't want any shells or othre resources used on the server. Just an sshd ->forwarding my data. Hm, *my* man page doesn't know -T or -N (OpenSSH_3.7p1). You should specify platform and version, if you want specific help. Therefore, unspecific: You might do a ssh -L 5999:cvs.mynet.com:5999 -x myserver "sleep 600". You then got a 10 minutes sleep (which doesn't cost any remarkable cpu resources) which lets you establish the tunnel. Once the tunnel is established, the shell exits (freeing resources) and the ssh connection will end once you tear down the tunnel. Generally, not much reason to optimize further, I'd say. You can shorten the sleep, though. With cvs, otoh, you seem to want sth like a "permanent tunnel"... in that case I'd program a tiny shell for the server which just waits for ^C or something. Should be very low on resource consummation. Actually, in comparison with the resource the sshd consumes, all that should be rather neglectable. hth, JO

Previous Message by Thread: click to view message preview

running an (open)ssh session ONLY to forward ports.

According to my reading of the man page, the command: ssh -L 5999:cvs.mynet.com:5999 -l me -n -N -T -x myserver should open a session to the sshd on myserver. (Assuming I have keys set up to allow the authentication). the session should just hang around with: -n with all input "disabled" -N No remote command executed. -T No remote pty allocated on the far end -x no X11 forwarded. and wait for connections on port 5999 However, it doesn't seem to work that way. here> ssh -L 5999:cvs.mynet.com:5999 -l me -n -N -T -x myserver Warning: no access to tty (Bad file descriptor). Thus no job control in this shell. stty: stdin isn't a terminal stty: stdin isn't a terminal `/usr/bin/tty`: Ambiguous. here> Is there a set of options that will open a session which does NOTHING but forward ports WITHOUT openning any tty session at all. Preferably the session would hang around forever waiting for connections at port 5999. but if it quit after the connection at 5999 exited that would be ok as I could just put it in a for loop (or in /etc/ttys so that init restarts it.) I don't want any shells or othre resources used on the server. Just an sshd forwarding my data. thanks Julian p.s. OpenSSH version installed: OpenSSH_3.5p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL 0x0090701f (with some security patched applied)

Next Message by Thread: click to view message preview

How to use ssh without requiring passwords each time

To whom it may concern, I need to be able to connect between to trusted RedHat Linux 9.0 hosts without having to enter a password each time. I have used networks were this is possible,however I am unable to make it work on my current network. I have tried the following, but have had no luck: adding public keys to .ssh/authorised_keys2 adding entries to /etc/hosts.equiv set the sshd.conf parameters: HostbasedAuthentication yes AuthorizedKeysFile .ssh/authorized_keys2 Can you tell me what else needs to be done? Is there a simple check list? Thank you for your trouble. regards, James Sinnamon -- James Sinnamon sinnamon@xxxxxxxxxxxxxx ph +61 412 319669