Geek Answers Handbook

Please debug SSH Proxy Command, it cannot connect remote server using MultiTool SSH drive on PuTTY

I would like to replicate the following ~/.ssh/config from a working Mac setup on Windows PuTTY.

 Host server01 HostName 11.22.333.444 Port 55555 DynamicForward 1080 User username RemoteForward 52698 localhost:52698 Host server02 HostName work-machine-name ProxyCommand ssh -q server01 nc work-machine-name 22 User username RemoteForward 52698 localhost:52698

This is the current proxy command in which I feel what is wrong on PuTTY:

plink -ssh 11.22.333.444 -P 55555 -l username -D 1080 -R 52698:127.0.0.1:52698 -nc %host:%port

Details:

I am trying to configure ellipsis on PuTTY with an SSH proxy so that I can use the remote Atom text editor on my Windows computer to work on remote machines. Multihop means that I must first use SSH on the intermediate machine and then enter the final machine.

On a Mac, I just started the server on a remote Atom package, on the terminal run ssh server02 , enter the passwords for both logins to get to the remote computer, and run rmate filename to automatically open the remote Mac Atom editor file with that rmate .

I am currently trying to replicate everything on my Windows PuTTY. I followed this multi-user SSH tutorial course and referenced the plink manual .

First I added "C: \ Program Files (x86) \ PuTTY" forever in PATH. Then I made the following settings for PuTTY, trying to accurately reproduce ~ / .ssh / config:

  • Session . Host Name: work-machine-name , Port: 22
  • Connection → Data . Auto Login Username: username
  • Connection → Proxies . Proxy type: Local , proxy host name: 11.22.333.444 , port: 55555 , Telnet command or local proxy command: plink -ssh 11.22.333.444 -P 55555 -l username -D 1080 -R 52698:127.0.0.1:52698 -nc %host:%port
  • Connection → SSH → Tunnels . a window appears for redirecting remote ports: R52698 localhost:52698

I get a big blank black screen when I try to start everything. I suspect my ProxyCommand is not configured correctly.

(By the way, I found X11 completely unnecessary using Mac settings.)

Trying to debug, I ran the plink ProxyCommand line in cmd command line:

 C:\Users\username>plink -ssh 11.22.333.444 -P 55555 -l username -D 1080 -R 52698:127.0.0.1:52698 -nc work-machine-name:22 username@11.22.333.444 password: SSH-2.0-OpenSSH_6.6.1

And it hangs there after entering the password. On a Mac, it will also ask for a second password, and then it will be connected to the remote working machine.

+7
linux windows putty ssh remote-access
source share
2 answers

It seems that the problem you are facing is the incompatibility between the "standard" ssh and putty tools

some possible workarounds are to use cygwin ssh, linux subsystem for Windows or mobaxterm (this is basically cygwin + the best terminal emulator and built-in x11 server)

they all work with the same configuration files as linux and mac, so your existing config should work

+2
source share

These are a few ideas, your use case is very specific and probably the best tool to achieve what you need to simplify all the proxies that you could probably use a VPN between your devices, but focus on the SSH side I prompts you to check how the transfer is performed, and how to test the (bastion) setting using putty.

Call forwarding

What can happen is that in your Windows client ssh passwords are not forwarded, something that works on execution:

 ssh -A

From a person:

-A Enables authentication agent connection forwarding. This can also be specified for each node in the configuration file.

In windows, when using putty to achieve something like this, you need to use Pageant something.

Pageant - PuTTY authentication agent. It stores your private keys in memory so that you can use them whenever you connect to the server. This eliminates the need for:

  • Explicitly specify the corresponding key for each Linux user account if you use more than one account to log into the server

  • Enter a passphrase each time you log in to your account; and your keys should be protected with a passphrase, since an insecure key is as good as hiding your password under the keyboard!

To learn more about how to configure the client, follow this guide: https://www.digitalocean.com/community/tutorials/how-to-use-pageant-to-streamline-ssh-key-authentication-with-putty

bastion - ssh tunnel

Check out this guide, https://blog.devolutions.net/2017/04/how-to-configure-an-ssh-tunnel-on-putty.html

+1
source share

More articles:


All Articles