Secondary SSH connection

[Damien Miller]

On Fri, 23 Aug 2024, Dave Close wrote:

> I have several local machines that, while working, I frequently use ssh
> to do something on a different machine. While on that second machine,
> I may even use ssh to do something on a third machine. All of this
> works exactly as it should. FWIW, all of my local machines run Fedora.
> Fedora currently includes openssh-9.6p1-1.fc40.4.x86_64 package.
> 
> If I use JuiceSSH on my Android phone to contact one of my local
> machines, that also works well. But if, while connected, I try
> to start an ssh session to a different local machine, it simply
> times out. The last message seen with "ssh -vvv" is, "debug3:
> ssh_get_authentication_socket_path:". Up to that point, the output
> of "ssh -vvv" is identical when running successfully between two
> local machines without using JuiceSSH.

This is ssh trying to connect to $SSH_AUTH_SOCK, perhaps JuiceSSH's
agent that you've forwarded.

> If instead of trying to start an ssh session immediately upon
> connecting with JuiceSSH, I first use sudo to become root on the
> local machine and then try to ssh to another local machine, that works
> perfectly (provided, of course, that the second machine permits root
> ssh login). The second ssh session also works if I simply run "sudo
> su {me} -c ssh" so becoming root isn't the key.
> 
> Summary:
>   JuiceSSH -> user at machine1 -> user at machine2 :: FAILS
>   JuiceSSH -> user at machine1 -> sudo on machine1 -> user at machine2 :: WORKS

the sudo is probably clearing $SSH_AUTH_SOCK and so it doesn't
try to connect to it.

You can simulate this by clearing the environment variable yourself and
see if the hangs persist.

If it is the forwarded agent, then the problem is probably in JuiceSSH
but I'm not able to offer any debugging advice for that, sorry.

-d