[X2Go-User] ssh connection through bastion host

Ulrich Sibiller ulrich.sibiller at gmail.com
Thu Jun 27 14:52:18 CEST 2024 

Well, I don't see what's going wrong here. But I had similar
experiences with libssh debug output not helping at all.

Running x2goclient with --help shows you all available options.

Regarding debugging there are these:

  --debug Enables extensive debug output to the console.

On Windows, also enables PulseAudio logging to a file under
".x2go/pulse" & cygwin sshd logging to
a file under ".x2go/sshLogs" directory, both under the USERPROFILE directory.

The logs are not deleted when X2Go Client terminates.

--libssh-debug Instructs libssh to print out extensive debug output to
the console.

This will only have an effect if libssh is being used. It tends to
generate a lot of output.

WARNING: Enabling this option could reveal sensitive information about
client and server
configuration, and, if libssh has been compiled with password
debugging, user credentials. Do not
publish log files created with this option.


--libssh-packetlog Instructs libssh to print out all network packets
sent and received, including their contents.

This will only have an effect if libssh is being used. It tends to
generate huge amounts of output.

WARNING: The same caveats as explained in the --libssh-debug option
help text apply.



As MacOS is unixoid i assume you can easily automate the tunnel
building during session startup. This should not build up big hurdles
for any of your (possibly unexperienced) users.

Regarding the proxy connection: AFAIR x2go will connect to the named
proxy and start another ssh session to the final destination there.

Uli


On Thu, Jun 27, 2024 at 11:55 AM Hauke Fath <hf at spg.tu-darmstadt.de> wrote:
>
> On Thu, 27 Jun 2024 10:49:48 +0200, Hauke Fath wrote:
> >> Also, x2goclient knows some debug switches to produce log files. You
> >> might see what's going on.
> >
> > I might, if I could find said debug switches, which is what my question
> > was about... Please fill me in.
>
> I managed to invoke the mac x2go client from the command line as
> './x2go --libssh-debug', which gives a bit more information.
>
> A lot of it is of the form "ssh_config_parse_line:
> Un(supported|applicable) option:", to the point where a list of libssh
> supported options will probably be shorter... In particular, ProxyJump
> is not supported.
>
> The debug information ends with
>
> [...]
> [2024/06/27 11:46:22.944213, 1] ssh_agent_get_ident_count:  Answer
> type: 12, expected answer: 12
> [2024/06/27 11:46:23.238705, 2] channel_open:  Creating a channel 43
> with 64000 window and 32768 max packet
> [2024/06/27 11:46:23.262887, 2] ssh_packet_global_request:  Received
> SSH_MSG_GLOBAL_REQUEST packet
> [2024/06/27 11:46:23.262971, 2] ssh_packet_global_request:  UNKNOWN
> SSH_MSG_GLOBAL_REQUEST hostkeys-00 at openssh.com 0
> [2024/06/27 11:46:23.262988, 1] ssh_packet_process:  Couldn't do
> anything with packet type 80
> [2024/06/27 11:46:23.263056, 2] ssh_packet_ignore_callback:  Received
> SSH_MSG_DEBUG packet
> [2024/06/27 11:46:23.263078, 2] ssh_packet_ignore_callback:  Received
> SSH_MSG_DEBUG packet
> [2024/06/27 11:46:23.287345, 2] ssh_packet_channel_open_conf:  Received
> a CHANNEL_OPEN_CONFIRMATION for channel 43:0
> [2024/06/27 11:46:23.287401, 2] ssh_packet_channel_open_conf:  Remote
> window : 0, maxpacket : 32768
> [2024/06/27 11:46:23.532003, 1] channel_request:  Channel request
> pty-req failed
>
>
> and while the jumphost logs
>
>
> Jun 27 11:51:29 Pollux sshd[22590]: SSH: Server;Ltype: Kex;Remote:
> 195.52.168.252-61842;Enc: aes256-ctr;MAC: hmac-sha2-256;Comp: none
> [preauth]
> Jun 27 11:51:30 Pollux sshd[22590]: SSH: Server;Ltype: Authname;Remote:
> 195.52.168.252-61842;Name: ntjump [preauth]
> Jun 27 11:51:30 Pollux sshd[22590]: Accepted publickey for ntjump from
> 195.52.168.252 port 61842 ssh2: RSA
> SHA256:e593oJRD2akRZtNT3ib5VufkJc3RCRdGEqDlfV+xKNU
> Jun 27 11:51:30 Pollux sshd[25939]: SSH: Server;LType:
> Throughput;Remote: 195.52.168.252-61842;IN: 0;OUT: 0;Duration:
> 0.3;tPut_in: 0.0;tPut_out: 0.0
>
>
> there is no indication of a connection to the target machine, neither
> on the jumphost, nor the target machine's logs.
>
> Cheerio,
> Hauke
>
> --
>      The ASCII Ribbon Campaign                    Hauke Fath
> ()     No HTML/RTF in email            Institut für Nachrichtentechnik
> /\     No Word docs in email                     TU Darmstadt
>      Respect for open standards              Ruf +49-6151-16-21344
> _______________________________________________
> x2go-user mailing list
> x2go-user at lists.x2go.org
> https://lists.x2go.org/listinfo/x2go-user

More information about the x2go-user mailing list