rsync through multiple ssh hops with password authentication prompt

Manuel López-Ibáñez manuellopezibanez at yahoo.es
Wed Oct 19 23:58:16 GMT 2005


Matt McCutchen wrote:
> On Thu, 2005-10-20 at 00:05 +0100, Manuel López-Ibáñez wrote:
> 
>>I understand completely that it's not rsync's job to handle ssh password 
>>prompts, however, isn't it the first password prompt handled by rsync? 
>>Why the other password prompts cannot be handled in a similar way? This 
>>is jut curiosity, feel free to NOT answer if you are very busy.
> 
> 
> Even though the stdin and stdout of the first SSH are connected to rsync
> (so rsync can talk to the rsync on the other end), it can still access
> its "controlling terminal" directly (using /dev/tty) to prompt you for
> the password.  The second SSH, however, does not have a working
> controlling terminal, which is why it cannot prompt similarly.
> 

I am not sure if I understood all, why the second ssh does not have a 
working controlling terminal? I tried forcing a terminal allocation 
using rsync -e "ssh -t -t middle ssh -t -t target" and several 
combinations, but none worked.

man ssh(1)
-t      Force pseudo-tty allocation.  This can be used to execute arbi-
         trary screen-based programs on a remote machine, which can be
         very useful, e.g., when implementing menu services.  Multiple -t
         options force tty allocation, even if ssh has no local tty.

> Based on the output in your first message, I'm guessing the second SSH
> is falling back to using its standard error (which is coming back to
> your terminal) and its standard input (which is the rsync data stream)
> to prompt for and obtain the password.  Perhaps the it is trying to
> interpret the beginning of the rsync data stream as a password, which is
> why it fails three times in a row; does that "Permission denied" message
> mean "wrong password" on BSD?

I think you are right. I have no idea about OpenBSD and, actually, 
target is Debian GNU/Linux. I did some experiments. "Permission denied" 
messages are produced by middle (OpenBSD) if you provide wrong password. 
However, the weird thing is that if you ssh into target (GNU/Linux) from 
middle, it asks 6 times for the password, the first three times it just 
asks again if the password was wrong, the other three times gives the 
"Permission denied, try again" error.

Also, ¿how is the error message reaching me if rsync is not forwarding 
the output of the second SSH?


Cheers,

	Manuel.

		
______________________________________________ 
Renovamos el Correo Yahoo! 
Nuevos servicios, más seguridad 
http://correo.yahoo.es


More information about the rsync mailing list