Menu

#32 ControlMaster / ProxyJump

v1.06
open
nobody
None
5
2025-02-06
2025-02-06
bitozoid
No

Let's say I have four hosts:

  • M: my local machine,
  • P: a proxy machine (logged in via PubkeyAuthentication),
  • D: a remote machine that I have direct access to,
  • H: a remote machine that I do not have direct access to, but I can reach through P (somehow hidden).

If I ssh from M to D using 'ControlMaster auto', once I close the shell connection the mux connection is kept open for future connections. That is, two processes are running in M:

  • an ssh interactive process, and
  • another independent ssh master process named '[mux]'

but the former is killed once I close the shell, and the latter is the one kept open for future connections.

If I sshpass from M to D using 'ControlMaster auto', I get three processes:

  • an sshpass process, parent of
  • an ssh interactive process, child of the sshpass process,
  • an independent ssh master process named '[mux]',

and only the mux process survives after the shell is closed, so it can be reused.

If I ssh from M to H using 'ControlMaster auto' and P as the ProxyJump host, then I get four processes:

  • an ssh interactive process to H, parent of
  • an ssh interactive process to P,
  • an independent ssh master process name '[mux]' to P
  • an independent ssh master process name '[mux]' to H

and again, the first one is killed once I close the shell but the other three are kept running. So that, I can reuse the socket for later usage.

However, if I sshpass from M to H using 'ControlMaster auto' and P as the ProxyJump host, then I also get five processes:

  • an sshpass process, parent of
  • an ssh interactive process to H, parent of
  • an ssh interactive process to P, grandchild of the sshpass process,
  • a ssh master process name '[mux]' to P
  • a ssh master process name '[mux]' to H

BUT then when I close the remote shell, everyone dies but the mux process to P, and the socket that connects to H disappear. So that, I cannot reuse the previous connection.

This looks like an sshpass bug to me, since ssh seems to work fine when used without sshpass.

A simplified config in this case would be:

Host H
  PubkeyAuthentication no
  Proxyjump P
Host D
  PubkeyAuthentication no
Match host !localhost,*
  ControlMaster auto
  ControlPath ~/.ssh/sockets/test-%h
  ControlPersist 30m

Discussion

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.