lkinley / Net-SSH-Perl

Development on the Net::SSH::Perl module to support latest ciphers, key exchange mechanisms, etc.

ProxyCommand from config file: not supported? #21

Open nugged opened 1 year ago

nugged commented 1 year ago

It's great that it is a somewhat standalone SSH to work with a lot of servers and so on, but does this module support ProxyCommand in the config file? (I suppose no).

Is it too complicated to appear / never will be supported (so switch to another module?)?

sensei-hacker commented 1 year ago

ProxyCommand is kinda semantic sugar - you can accomplish the same result by running the "proxy" command first. But if you do want to use it:

This module is written in Perl. I would think it would be pretty simple to add. One would just add a line or two of code to run whatever command is passed as the argument to ProxyCommand. I suspect a skilled Perl programmer could add that in about 10-20 minutes, a competent Perl programmer in 15-30 minutes.

You're a Perl programmer, right?

nugged commented 1 year ago

(Is your question a rhetorical one? If not - "somewhat Perl programmer, I am, right!")

So actually, "proxy" is the way to dig further? I saw that submodule, but it looked like socks and other kinds of proxy but not ssh-over-ssh or how with ssh ... there's not enough documentation/samples there, which is why I was slightly confused about that.

sensei-hacker commented 1 year ago

"Somewhat Perl programmer" is a solid answer! With the information I'm about to give you, ProxyCommand will probably be doable for you, but challenging. Not really easy, but entirely possible.

ProxyCommand doesn't implement a proxy. It's far simpler than that. It just runs a command. It basically just calls system(). You won't need a proxy module.

In particular, it doesn't implement a proxy OVER ssh. It's used to ask an existing proxy implementation to connect BEFORE running SSH.

So for example, let's say you were using a dial-up modem. You need to dial before doing the ssh connection. You could use:

ssh -oProxyCommand='dial.sh 212-123-4567' myserver.com

Note ssh doesn't do the dialing. All it does is call your existing dial.sh script. dial.sh is the "proxy" (command run before making the ssh connection).

A more common simple use case: ssh -oProxyCommand='nc jump.com' dest.com

That just calls "nc jump.com" before doing anything else.

We could ALMOST implement ProxyCommand as: system($proxy_cmd);

The one wrinkle is that we have to connect stdin (standard input) and stdout (standard output) to the command, so that whatever we write goes to that command and we read whatever that command writes. For that, we use open2(), which is like system() except it captures stdin and stdout:

```perl
use IPC::Open2;

# $cmd_out reads the command's stdout; $cmd_in writes to its stdin.
my ($cmd_out, $cmd_in);
my $pid = open2($cmd_out, $cmd_in, $proxy_cmd);
```

You can redirect something like this: open (STDIN, $cmd_out);

You can also use select() to redirect stdout: select($cmd_in);

It's early in the morning and I haven't had my coffee yet; half my brain is still asleep. So I'm not feeling like figuring out exactly which way around stdin and stdout need to be connected. Do we need this?:

open (STDIN, $cmd_out); or this?: open ($cmd_out, STDIN);

Or maybe: open (STDIN, $cmd_in);

If you figure out which way around to connect stdin and stdout with $cmd_in and $cmd_out, you'll probably have ProxyCommand working.
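An added example, not part of the thread and not Net::SSH::Perl code: it runs a ProxyCommand-style command with open2() and uses the two returned handles directly as the transport, writing to the command's stdin and reading from its stdout. The function names are hypothetical, the `%h`/`%p` tokens are the OpenSSH ones (the thread does not mention them), and `cat` is a constructed stand-in for a real relay so the script runs offline on a Unix-like system.

```perl
#!/usr/bin/perl
# Added example (hypothetical helper names, not the module's API).
use strict;
use warnings;
use IPC::Open2;
use IO::Handle;

# Expand %h / %p / %% only after validating host and port: the expanded
# string can reach a shell, so metacharacters and a leading '-' are refused.
sub expand_proxy_command {
    my ($template, $host, $port) = @_;
    die "unsafe host '$host'\n"
        unless $host =~ /\A[A-Za-z0-9][A-Za-z0-9._:-]*\z/;
    die "bad port '$port'\n"
        unless $port =~ /\A[0-9]{1,5}\z/ && $port >= 1 && $port <= 65535;
    my %tok = (h => $host, p => $port, '%' => '%');
    (my $cmd = $template) =~ s/%([hp%])/$tok{$1}/g;
    return $cmd;
}

# Start the command. $from_cmd reads what the command writes (its stdout);
# $to_cmd writes to what the command reads (its stdin).
sub open_proxy_transport {
    my ($template, $host, $port) = @_;
    my $cmd = expand_proxy_command($template, $host, $port);
    my $pid = open2(my $from_cmd, my $to_cmd, $cmd);
    $to_cmd->autoflush(1);
    return ($pid, $from_cmd, $to_cmd);
}

# Constructed demo: the command notes its target on stderr, then "cat"
# echoes our bytes back in place of a remote SSH server.
my ($pid, $rd, $wr) =
    open_proxy_transport('echo relay to %h:%p >&2; cat', 'dest.example', 22);
print {$wr} "SSH-2.0-demo\n";   # client bytes go to the command's stdin
my $banner = <$rd>;             # peer bytes come from the command's stdout
print "received: $banner";
close $wr;                      # EOF lets the command exit
close $rd;
waitpid($pid, 0);

# A host carrying shell metacharacters is rejected before any command runs.
my $ok = eval { expand_proxy_command('nc %h %p', 'dest.example;id', 22); 1 };
print "rejected: $@" unless $ok;
```

In this arrangement the process's own STDIN and STDOUT are left alone; the SSH layer would read and write the two handles wherever it would otherwise use the TCP socket.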

briandfoy commented 1 year ago

I've forked this project at briandfoy/net-ssh-perl, and you can reopen this issue there if you'd like. Otherwise, I'll add it myself at some later time. See #22.

If you include text like "transferred from lkinley/Net-SSH-Perl#21", GitHub should make a reference between the two issues. You should see such a reference in this issue now.

I don't have a fix for this issue, but can merge someone else's work.