[Bug 2906] Need something like 'Match finalpass'
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Feb 19 21:49:02 AEDT 2019
https://bugzilla.mindrot.org/show_bug.cgi?id=2906
--- Comment #12 from Maciej Żenczykowski <zenczykowski at gmail.com> ---
btw. are you sure your example is correct?
Perhaps you meant to have:
Match host *.ext.example.com
ProxyCommand ssh -q ext -W %h:%p
Match host ext
Hostname bastion.ext.example.com
Match final
...
(ie. opposite order)
Because - while I haven't tested it - by my naive interpretation of the
matching rules your example should have also resulted in infinite
ssh's.
For your example:
x.ext.example.com triggers the proxycommand, so we ssh to ext
ext gets converted to bastion.ext.example.com
which then triggers the proxycommand (due to ordering)
Match final should not be needed.
With the ordering I gave above, I think Match final does introduce the
problem, but then I think adding ProxyCommand none to the host ext
block still solves it...
???
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list