[kwlug-disc] Using SSH to authenticate

Richard Weait richard at weait.com
Sat Mar 13 20:10:37 EST 2010


On Sat, Mar 13, 2010 at 6:59 PM, Paul Nijjar <paul_nijjar at yahoo.ca> wrote:
> On Sat, Mar 13, 2010 at 06:45:40PM -0500, Richard Weait wrote:
>> Thought I'd fill out the example a little more because this Just Isn't
>> Intuitive To Me. I've tested this now and it Works For Me.
>
> This is not Intuitive to Me either. It also does Not Work for Me. I
> get the following error:
>
> channel 3: open failed: administratively prohibited: open failed

I had that when I tried the two steps in the same console.
BadRichard. No tunnel for you!

I've presumed that you must go through RelayHost, as TargetHost only
allows access from known hosts like RelayHost.  Thus, no connection
allowed from HomeHost, even though you have the user/pass.  No
connection for you UnknownHost!

Sadly, ssh can't fix slow and laggy.  I was going to suggest screen to
reduce the effects of slow and laggy but figured, "enh? Paul knows; he
did the presentation."

I'm not aware of a tunnel or other that allows, a what would it be, a
bounce-connect?  As unsolicited said, "shenanigans."

Perhaps you could talk TargetHost in to allowing connections via keys
from arbitrary hosts, or adding HomeHost as a known host, or even one
of the above after a port-knock from RelayHost for additional
complication?



More information about the kwlug-disc_kwlug.org mailing list