wrapper script to use cvs/scp through a ssh gateway

From: bearclaw (bearclaw_at_free.fr)
Date: 09/28/05 

Date: Wed, 28 Sep 2005 00:01:57 +0200

I'm trying to write a ssh-wrapper program to be able to use cvs, scp...
through an ssh gateway, but ran into trouble.

Here is the situation (in case "ssh gateway" is not clear enough):
>From home, to reach lab1.lab.com through ssh, I have to do
$ssh -t user@gateway.lab.com lab1

Then I have to type my password twice (once for the ssh on the gateway, the
second time for the ssh on lab1).

Of course I can't run cvs or scp through this, the only way I have now is to
do my ssh through the gateway, then do a ssh from lab1 to home (which I can
do directly) with a tunnel to forward a random port to the sshd port on
lab1...

My idea was to write a progam that would be called instead of ssh by the
application and would:
        -change the ssh command line "ssh args host command" to "ssh args -t -t
gateway host echo magicstring && command
        -invoke ssh as a child process
        -while the magicstring is not received
                -read from the tty and send everythong to ssh
                -send everything from ssh to tty
        -when the magic string is received
                -just bridge ssh and the client app

The double -t is required, otherwise I can't type in the second password.
However, this leads to two problem:
        -everything that ssh receives is echoed back
        -\n are changed to \r\n
 for instance typing "echo a |sshwrapper lab1 cat" will print back
a\r\na\r\n
        
An ugly hack can get rid of the echo, but there is no way to solve the \r\n
problem.

So, is there a way to supress the echo/ \r\n transformation? I think this is
related to the use of -t -t, but unless I can convince my sysadmins to
allow the use of ssh keys I will need this options to type my password.
Hope I was clear enough :)
        bearclaw

Relevant Pages

  • Re: [SLE] tunneling through an intermediate host
    ... The login to the gateway is via ssh. ... Is this so called administrator under ...
    (SuSE)
  • Re: [SLE] tunneling through an intermediate host
    ... SSH to the gateway as usual, setting up a forwarded port to ... >> enable X forwarding on this first connection since it doesn't ... >> sound like you're actually running anything X from the gateway. ...
    (SuSE)
  • Re: iptables: forwarding port to another machine
    ... > I have two machines I would like to be able to ssh into from the internet. ... > the gateway machine you can ssh in from the internet. ... > What I would like is to add to my iptables firewall some rules that would ...
    (comp.os.linux.security)
  • Re: Secure Remote Control
    ... > The problem is that I need to find a low cost solution to be able ... > the Netware servers. ... One solution would be to tunnel your VNC traffic through SSH (which ... fix here may be a gateway SSH server. ...
    (Security-Basics)
  • Changing PATH compiled into sshd
    ... I need to change the default PATH its setting when a user logs in via ssh. ... Essentially I've got a machine that serves as a gateway into a private ... running sshd through /bin/login isn't acceptable since I need X11 ... If I can get the PATH reset I should be good to go. ...
    (comp.security.ssh)