Mailing List Archive

ssh with proxyjump on windows 10
> ssh -v test
OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
debug1: Reading configuration data C:\\Users\\jsore/.ssh/config
debug1: C:\\Users\\jsore/.ssh/config line 11: Applying options for test
debug1: Setting implicit ProxyCommand from ProxyJump: ssh -v -W '[%h]:%p' apple
debug1: Executing proxy command: exec ssh -v -W '[test]:22' apple
CreateProcessW failed error:2
posix_spawn: No such file or directory

https://github.com/openssh/openssh-portable/blob/c327813ea1d740e3e367109c17873815aba1328e/ssh.c#L1180

It doesn't appear there's an easy way to tell openssh that I need to
use `ssh.exe` instead of `ssh`.

For 8.1, could something be adjusted to make this work?

Note: running `ssh -v -W "[test]:22" apple` almost works
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Re: ssh with proxyjump on windows 10 [ In reply to ]
On Sun, 7 Apr 2019, Josh Soref wrote:

> > ssh -v test
> OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
> debug1: Reading configuration data C:\\Users\\jsore/.ssh/config
> debug1: C:\\Users\\jsore/.ssh/config line 11: Applying options for test
> debug1: Setting implicit ProxyCommand from ProxyJump: ssh -v -W '[%h]:%p' apple
> debug1: Executing proxy command: exec ssh -v -W '[test]:22' apple
> CreateProcessW failed error:2
> posix_spawn: No such file or directory
>
> https://github.com/openssh/openssh-portable/blob/c327813ea1d740e3e367109c17873815aba1328e/ssh.c#L1180
>
> It doesn't appear there's an easy way to tell openssh that I need to
> use `ssh.exe` instead of `ssh`.
>
> For 8.1, could something be adjusted to make this work?
>
> Note: running `ssh -v -W "[test]:22" apple` almost works

I'm confused: I thought the .exe suffix wasn't mandatory on Windows?

Is this Cygwin or the Microsoft OpenSSH port?

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Re: ssh with proxyjump on windows 10 [ In reply to ]
Microsoft port.

And as with most things, it would depend on which API/subsystem you're
using.

Since this thing is using posix_spawn, it's clearly using the posix API
which presumably is stricter.

Technically the file type stuff is managed by the PATHEXT variable. One can
imagine a win32 where that variable is empty. I don't remember who is
actually responsible for hosting the variable. The msdn for "start" claims
that "cmd" is responsible, and the msdn for "where" says "where" is
responsible.

powershell/win32-openssh#1185 is some variation of this problem. It's hard
for me to tell what the right behavior is/where any of this should be
handled.

The reason I reported it here is that I looked at the upstream code and it
doesn't seem like there's an easy way for me to use ProxyJump with this
flaw, because I can't influence that "ssh" string.


On Mon, Apr 8, 2019, 2:09 PM Damien Miller <djm@mindrot.org> wrote:

> On Sun, 7 Apr 2019, Josh Soref wrote:
>
> > > ssh -v test
> > OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
> > debug1: Reading configuration data C:\\Users\\jsore/.ssh/config
> > debug1: C:\\Users\\jsore/.ssh/config line 11: Applying options for test
> > debug1: Setting implicit ProxyCommand from ProxyJump: ssh -v -W
> '[%h]:%p' apple
> > debug1: Executing proxy command: exec ssh -v -W '[test]:22' apple
> > CreateProcessW failed error:2
> > posix_spawn: No such file or directory
> >
> >
> https://github.com/openssh/openssh-portable/blob/c327813ea1d740e3e367109c17873815aba1328e/ssh.c#L1180
> >
> > It doesn't appear there's an easy way to tell openssh that I need to
> > use `ssh.exe` instead of `ssh`.
> >
> > For 8.1, could something be adjusted to make this work?
> >
> > Note: running `ssh -v -W "[test]:22" apple` almost works
>
> I'm confused: I thought the .exe suffix wasn't mandatory on Windows?
>
> Is this Cygwin or the Microsoft OpenSSH port?
>
> -d
>
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Re: ssh with proxyjump on windows 10 [ In reply to ]
So, I finally took the time to use process monitor (sysinternals.com). I
provided the logging in a pull request to a pull request to
openssh-portable:

https://github.com/manojampalam/openssh-portable/pull/2

The short of it is that CreateProcessW decides how to find a program in a
command string based on a heuristic.

ssh uses `'` instead of `"` because it's guarding something (expansion of
hostnames I think).

Under this condition, Windows decided that either the entire string was a
complete path to a program or it was a complete path to a program without
".exe".

If the first character of the command is a `"`, and there's a matching `"`,
CreateProcessW will use that as its starting point for finding the program.

Otherwise, if a `"` character is introduced into the command-line somewhere
else, Windows knows that nothing past that can possibly be part of the
program path - as ideally people would stick the program path in `"` too.

The current PR to openssh-portable replaces the `'` with `"` which enables
CreateProcessW to search backwards from that point, trying each thing up to
a ` ` to see "are you a program?"/"are you a program if I add .exe?"

Which is still pretty inefficient.

Ideally one can tell CreateProcessW "this is the program".

I sent a naïve PR which just helps CreateProcessW along and then the more
correct one which tells it "this is it".

I don't think openssh itself needs to use `'` as opposed to `"` for the
proxy jump. And I'm pretty sure it could tolerate the quotes around the
program itself.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev