Can I limit my autoSSH Tunneling Speed with trickle and ssh config file option?

Question

When I use only ~$ autossh site1 it work perfectly, but whit trickle the pameter site1 is considered as DNS Name instead of conf block.

User@VM:~$ sudo trickle -d 10 -u 10 -- autossh site1
[sudo] password for User:
ssh: Could not resolve hostname site1: Temporary failure in name resolution

nevertheless site1 is not a DNS name, is an entry in my config file like :

Host site1
        HostName 89.32.12.206
        Port 222
        User sctfic
        Compression yes
        CompressionLevel 7
        IdentityFile ~/.ssh/id_rsa
        LocalForward *:9100 10.1.253.100:9100
        LocalForward *:9101 imp:9100

I got the error both when using `autossh site1` and `trickle -vvv -d 10 -u 10 -- autossh site1` — Édouard Lopez, Jun 30 '14 at 09:18
See my comment to @Jenny-d's answer config file are the same (on my tests) but the identity files differ. — Édouard Lopez, Jun 30 '14 at 09:31

score 2 · Accepted Answer · answered Jun 30 '14 at 09:21

2

When you use sudo, you're switching to root's account instead of your own. This means that ssh will read root's .ssh/config instead of yours.

If you must run trickle as root, then first copy your own ssh config and keys to root's .ssh directory.

answered Jun 30 '14 at 09:21

Jenny D

27,780
21
75
114

That's not what I observe in Ubuntu/Linux Mint: both read `/etc/ssh/config`. But they do read different identity file: `/root/.ssh/id_rsa type -1`. You can see this using `-v` flag: `sudo ssh -v ed8@vm-ed` – Édouard Lopez Jun 30 '14 at 09:29
`/etc/ssh/config` is the system-wide config file. It's far more common to use `$HOME/.ssh/config` for this type of configuration. – Jenny D Jun 30 '14 at 09:31
Ok, as I don't have `$HOME/.ssh/config` file I guess it's falling back to the system-wide file. Weird there is no info about this on the debug messages. – Édouard Lopez Jun 30 '14 at 09:39
I don't feel confortable recommending people to write config to the `root` while being `suoders`. – Édouard Lopez Jun 30 '14 at 09:41
1

The order in which configuration files are parsed can be found by doing `man ssh`. And you shouldn't give people root acccess (whether using sudo or using password) unless they can be trusted not to screw things up. If they make a mistake in `~root/.ssh/config`, it will affect only root and only until someone with sudo access fixes it. If they edit `/etc/ssh/config`, it will affect ' **all** users on the server - which I would see as having far worse implications in case of mistakes. – Jenny D Jun 30 '14 at 09:52

score 1 · Answer 2 · answered Jun 30 '14 at 09:25

The ssh man page say the hostname is mandatory in the command but also define a -F configfile:

ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec] [-D [bind_address:]port] [-E log_file] [-e escape_char] [-F configfile] [-I pkcs11] [-i identity_file] [-L [bind_address:]port:host:hostport] [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [-Q cipher | cipher-auth | mac | kex | key] [-R [bind_address:]port:host:hostport] [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] [user@]hostname [command]

I recommend you to try:

sudo trickle -d 10 -u 10 -- autossh -F /path/to/config-file site1

Since the config file points out ssh key files using `~`, it expects to find those keys in the home directory belonging to the user running the ssh command. He'd have to change the config file to point pout the full path to the keys. — Jenny D, Jun 30 '14 at 09:54

Can I limit my autoSSH Tunneling Speed with trickle and ssh config file option?

2 Answers2