search

Eugeny / tabby

A terminal for a more modern age
https://tabby.sh
MIT License
59.43k stars 3.4k forks source link

Support for Multiple ProxyJumps #5823

Open nicolas-tallet opened 2 years ago

nicolas-tallet commented 2 years ago

Describe the problem:

According to the following issue: #5559 , support for ProxyJump is fully operational in tabby However, I don't seem to be able to make it work whenever the target host requires going through at least two ProxyJumps (instead of one). Connection fails with the following error message:

<Target Host>: jump host "openssh-config:<ProxyJump #1>-<ProxyJump #2>" not found in your config

which seems to indicate that tabby is taking the content of the proxyjump directive, made of a comma-separated list of hosts, as one single host.

To Reproduce:

Sample .ssh/config configuration:

Host target.domain
    Hostname target.domain
    IdentityFile ~/.ssh/id_rsa
    ProxyJump pj01.domain, pj02.domain
Host pj01.domain
    Hostname pj01.domain
    IdentityFile ~/.ssh/id_rsa
Host pj02.domain
    Hostname pj02.domain
    IdentityFile ~/.ssh/id_rsa

Establish a connection to the target host should lead to the following error message:

target.domain: jump host "openssh-config:pj01.domain-pj02.domain" not found in your config
davixd commented 2 years ago

I would like to have this feature as well. I'm using the following workaround to achieve it with tabby: Direct Host: A Login Scripts: ssh -J B C

Best regards David

Eugeny commented 2 years ago

just to clarify - does the jump chain work if you set it up normally through profiles?

davixd commented 2 years ago

In profiles the single jump works well, yes. Followed my example from above jump to B works well with the profiles.

Eugeny commented 2 years ago

Not sure how to best solve this in terms of the automatic importer. In Tabby, every profile has its specific jump host assigned to it. This means that the following config can't be represented in terms of Tabby profiles:

Host h1
    ProxyJump j1, j2

Host h2
    ProxyJump j3, j2
davixd commented 2 years ago

Would it makes sense to use for the automatic importer the function as its done with Login Scripts with "New Items" in Tabby? I imagined something like this: New Profile -> General -> Connection -> Jump host -> Host: h1 -> Jump host select j1 -> add new jump host select j2.

Host h1
    jumpHost ssh:j1-xxx, ssh:j2-xxx
Eugeny commented 2 years ago

Well the current systems saves time by not having the user set up the full jump chain for every target host (instead only having to select the "nearest" host).

I think the most users will have consistent jump chains in their .ssh/config - I'll try to change the importer to offer "best effort" processing.

iainhallam commented 1 year ago

Just ran into this, and while @davixd's workaround is useful, it would be good to have Tabby just handle multiple hops.

MartinWolfCZ commented 12 months ago

Hello @davixd , please, can you tell me, how exatly set the login scripts like a jump servers? I'm not sure what to type in the Expect field. I suppose, I'll write in the send field: "ssh -J B" and next line "ssh -J C"

image

Thank you very much for help! BR, Martin