how to get the PID of an SSH tunnel
Noah
I'm creating an SSH tunnel using a command like this:
ssh -C -n -L 25:example.com:25 -L 110:example.com:110 \
my_...@example.com -f nothing_script.sh
How do I get the PID of the background task?
That command causes ssh to fork into the background with a new pid.
I would just try grepping through the ps output, but I have
several other SSH sessions running as well. It seems like the
only hack that I could think of was to do a ps before I create the
tunnel, then do a ps after I create the tunnel and then pray that
the new ssh pid on the list is the tunnel.
Is there a better trick for doing this?
Yours,
Noah
Richard E. Silverman
Don't use -f; instead, use the shell's job control features to start ssh
asynchronously and access its pid.
--
Richard Silverman
r...@qoxp.net
Pierre Asselin
> I'm creating an SSH tunnel using a command like this:
> ssh -C -n -L 25:example.com:25 -L 110:example.com:110 \
> my_...@example.com -f nothing_script.sh
The shell variable $! contains the pid of the most recently executed
background command. If you leave out the -f and background the ssh
yourself, the $! will have what you want. (You can also use -N
instead of an empty script.)
Noah
The problem is that SSH does a fork/exec, so the pid is not what the shell sees
as the SSH command it started (that is, $! doesn't work).
The -N argument implies -f. You cannot leave off the -f and
put it into the background youself because then you cannot
enter the password. With -f or -N SSH will ask you for your password
before it daemonizes itself. In other words, if you try to do this:
ssh -C -n -L 110:example.com:110 my_...@example.com nothing_script.sh &
Then I will see SSH ask me for a password, but there is no way to enter it.
And, no, I am not allowed to use public key authentication :-P
Finally, I'm forced to talk to an old SSH1 server, so -N doesn't work anyway.
I am screwed?
Yours,
Noah
all mail refused
>p...@invalid.invalid (Pierre Asselin) wrote in message
news:<3ne32c...@brick.verano.sba.ca.us>...
>> > I'm creating an SSH tunnel using a command like this:
>> > ssh -C -n -L 25:example.com:25 -L 110:example.com:110 \
>> > my_...@example.com -f nothing_script.sh
>> The shell variable $! contains the pid of the most recently executed
>The problem is that SSH does a fork/exec, so the pid is not what the shell sees
How about using some random distinct string on the command-line
"... -f nothing_script.sh hereiam=7658769175"
--
Elvis Notargiacomo master AT barefaced DOT cheek
Darren Tucker
There's an open enhancement request for this:
http://bugzilla.mindrot.org/show_bug.cgi?id=253
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
Noah
> How about using some random distinct string on the command-line
> "... -f nothing_script.sh hereiam=7658769175"
This is a good idea; unfortunately, this needs to run under Cygwin
which has a pretty limited ps output (does not support the -ww option).
(Do I hear laughter?)
Yours,
Noah
all mail refused
>> How about using some random distinct string on the command-line
>> "... -f nothing_script.sh hereiam=7658769175"
>
>This is a good idea; unfortunately, this needs to run under Cygwin
>which has a pretty limited ps output (does not support the -ww option).
>(Do I hear laughter?)
Does Cygwin have directories and symbolic links ?
"hereiam=7658769175/ssh ..."
You could do this without the symbolic links if pressed.
--
Elvis kludgeRus Notargiacomo master AT barefaced DOT cheek
Pierre Asselin
> p...@invalid.invalid (Pierre Asselin) wrote in message news:<3ne32c...@brick.verano.sba.ca.us>...
> The -N argument implies -f.
Really? The docs say that -f implies -n but says nothing about -N.
> You cannot leave off the -f and
> put it into the background youself because then you cannot
> enter the password.
Correct. If you need a password prompt you need -f. I don't see a
way out.
> And, no, I am not allowed to use public key authentication :-P
Just curious: what keeps you from generating a key pair and
copying the public key to .ssh/authorized_keys on the remote?
Noah
> Noah <no...@noah.org> wrote:
> > p...@invalid.invalid (Pierre Asselin) wrote in message news:<3ne32c...@brick.verano.sba.ca.us>...
>
> > The -N argument implies -f.
>
> Really? The docs say that -f implies -n but says nothing about -N.
You are correct. -N does not imply -f.
> Just curious: what keeps you from generating a key pair and
> copying the public key to .ssh/authorized_keys on the remote?
The remote system uses an old SSH1. I have not been able to generate
a compatible key for it. I tried various tricks to convert key formats, but
nothing seems to work.
Yours,
Noah
Richard E. Silverman
> The remote system uses an old SSH1. I have not been able to generate
> a compatible key for it. I tried various tricks to convert key formats, but
> nothing seems to work.
I think this is the problem you should solve. As far as I know, there was
only ever one SSH1 authorized_keys file format; it should look like this:
1023 35 869751124798752578...75977312025518391 comment here
There would be nothing to convert: you need to generate a separate key for
use in protocol 1. OpenSSH does not allow you to cross-use keys between
protocol versions.
Check the usual things: ~, ~/.ssh, and ~/.ssh/authorized_keys writable
only by owner or root; RSA authentication turned on; etc.
http://www.snailbook.com/faq/general-debugging.auto.html
--
Richard Silverman
r...@qoxp.net