0

The setup: only a single server in the group is acessible via SSH. Others are accessible from the former via RSH only.

So when I want to execut a command on other servers, I do this:

$ ssh asd10 rsh asd7 hostname
ASD7

Is it possible to combine this into ProxyCommand in the classical SSH jumphost way?

A configuration like this will allow you to proxy through HOST A.

$ cat .ssh/config

Host host-a
  User your_username
  Hostname 10.0.0.5

Host host_b
  User your_username
  Hostname 192.168.0.1
  Port 22  
  ProxyCommand ssh -q -W %h:%p host-a

Now if you want to connect to your HOST B, all you have to type is ssh host_b

... so I could run:

$ ssh asd7 hostname
ASD7

?

[Supplemented]

If I go straightly like @cas asked:

$ ssh -t -o ProxyCommand='ssh asd10 rsh %h' asd7 hostname
tcgetattr: Invalid argument
ioctl TIOCGETP: Invalid argument
ioctl TIOCLGET: Invalid argument
ioctl TIOCGETC: Invalid argument
ioctl TIOCGLTC: Invalid argument
ioctl TIOCGETP: Invalid argument
ioctl TIOCLGET: Invalid argument
ioctl TIOCSLTC: Invalid argument
ioctl TIOCSETC: Invalid argument
ioctl TIOCSETN 3: Invalid argument
ioctl TIOCLSET: Invalid argument
Killed by signal 2.

... it stays in a loop until I press Ctrl-C.

It probably waits for the input and then generates no output. I haven't used a working shell session in parallel to check if the former actually spawns any new processes.

saulius2
  • 121
  • 1
  • 5
  • 1. have you tried it? what did it do? 2. I very strongly recommend telling your cluster's sysadmin that `rsh` isn't safe even on a private network, there is no excuse for running `rsh` anywhere these days (`telnet` is kind of OK as an emergency way to login - e.g. if `sshd` is down - but only if you use an ssl-enabled version of telnet). Or if that would trigger some unpleasant confrontation, maybe just ask them to install `ssh` on the other nodes. come up with some reason why you need it that rsh can't do (to copy a large batch of files direct from your desktop box with `scp`, for example) – cas Oct 28 '19 at 10:26
  • 1, updated in the original text: it gets into a loop. 2, I am the very new sysadmin of this machine, and every change on it is strongly discouraged by the support of product's company. The system is quite old and very fragile. There are only two more years left on it's roadmap. I doubt we can persuade the product company into converting the setup into `ssh`. – saulius2 Nov 01 '19 at 18:56

0 Answers0