ssh with proxyjump on windows 10

Josh Soref jsoref at gmail.com
Tue Apr 9 10:22:50 AEST 2019


So, I finally took the time to use process monitor (sysinternals.com). I
provided the logging in a pull request to a pull request to
openssh-portable:

https://github.com/manojampalam/openssh-portable/pull/2

The short of it is that CreateProcessW decides how to find a program in a
command string based on a heuristic.

ssh uses `'` instead of `"` because it's guarding something (expansion of
hostnames I think).

Under this condition, Windows decided that either the entire string was a
complete path to a program or it was a complete path to a program without
".exe".

If the first character of the command is a `"`, and there's a matching `"`,
CreateProcessW will use that as its starting point for finding the program.

Otherwise, if a `"` character is introduced into the command-line somewhere
else, Windows knows that nothing past that can possibly be part of the
program path - as ideally people would stick the program path in `"` too.

The current PR to openssh-portable replaces the `'` with `"` which enables
CreateProcessW to search backwards from that point, trying each thing up to
a ` ` to see "are you a program?"/"are you a program if I add .exe?"

Which is still pretty inefficient.

Ideally one can tell CreateProcessW "this is the program".

I sent a naïve PR which just helps CreateProcessW along and then the more
correct one which tells it "this is it".

I don't think openssh itself needs to use `'` as opposed to `"` for the
proxy jump. And I'm pretty sure it could tolerate the quotes around the
program itself.


More information about the openssh-unix-dev mailing list