-
Notifications
You must be signed in to change notification settings - Fork 304
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Respect RemoteCommand
option when connecting to remote host over ssh
#4474
Comments
Your ssh config would work for opening an interactive terminal session, but to connect, vscode needs to run a script on your remote. It does this by piping the command through the ssh process. The problem is that it's impossible to pass a script to ssh while RemoteCommand also exists. RemoteCommand will always take precedence and the passed in script will be ignored. I can support it if there is some way that a command like this will work:
where the "echo hello" command executes on your final remote host, not the gateway. Maybe someone more creative than me or who understands ssh better can find a solution, but I don't know how to do it. |
Actually, I want to try something. Could you install this, try connecting, and tell me what happens?
|
Thanks for the insanely quick reply @roblourens! I think this worked! Seems like vscode correctly executed the RemoteCommand, and did its work on the correct remote host. Attaching logs: SSH Extension logs
Namely: After which I see the vscode server being installed on my remote host 🎉 I am still hitting an issue specific to our gateway stuff though. As I mentioned previously the gateway we have explicitly disables tunneling and from what I see after code-server is up we are trying to establish a connection over a tunnel.
I just started learning about all this ssh stuff this weekend so still trying to figure out what exactly is going on but I know our solution in general is to use But I think in regards to the issue of I will play around with the next step of why the connection is not established after that, so if you happen to have any insight into my vague description above that would probably help me greatly 😄 since I'm a bit out of my comfort zone on this stuff. |
I don't understand how netcat helps without forwarding a port over SSH but let me know if you figure it out. You will probably have to enable port forwarding on your ssh server with the flag I don't want to ship this change yet, I need more time to convince myself that it's safe, I don't know whether it's guaranteed that the script we send will never execute on the gateway machine. Will do some more testing. |
Thank for the help again @roblourens. The problem I have is the gateway machine explicitly has disabled Sounds like the |
Thanks for the workaround, allowing |
@david-macleod I can investigate more if there is a good usecase. Can you tell me more about how it works with singularity, what are you SSHing into? And can you try the custom build again and share the log from the Remote-SSH output channel, so I can check that there is nothing fishy? I guess I need to look at the OpenSSH source, I want to see how it handles this case, but I am still not convinced that it's guaranteed safe. |
Hey @roblourens – once this is implemented, do you think it would be a viable way of running a VSCode
And by connecting to said host using the Remote SSH extension. |
Hi, I was looking into the same functionality as described by xvr-hit. The HPC that I am working on requires users to run extended jobs on a compute node using the SLURM. I am looking forward to seeing this feature implemented. Thanks a lot! |
My use case also requires the RemoteCommand. Please support it. AFAIK, it works before 0.66, but now after I upgrade my extension to 0.66, it is no longer respected. My use case is the RemoteCommand is "toolbox run -T bash", which allows the remote VScode run inside a toolbox. Now 0.66 my workflow is completely broken. |
I have not been able to get the 65.0 beta above working.
Extension log...[10:03:04.508] Log Level: 2 [10:03:04.513] [email protected] [10:03:04.513] win32 x64 [10:03:04.514] SSH Resolver called for "ssh-remote+dev:ubuntu", attempt 1 [10:03:04.514] "remote.SSH.useLocalServer": true [10:03:04.514] "remote.SSH.sshPath": undefined [10:03:04.514] "remote.SSH.sshConfigurationFile": undefined [10:03:04.514] "remote.SSH.useFlock": true [10:03:04.514] "remote.SSH.lockfilesInTmp": false [10:03:04.515] "remote.SSH.localServerDownload": auto [10:03:04.515] "remote.SSH.remoteServerListenOnSocket": false [10:03:04.516] "remote.SSH.showLoginTerminal": false [10:03:04.516] "remote.SSH.defaultExtensions": [] [10:03:04.516] SSH Resolver called for host: dev:ubuntu [10:03:04.517] Setting up SSH remote "dev:ubuntu" [10:03:04.520] Acquiring local install lock: C:\Users\user\AppData\Local\Temp\vscode-remote-ssh-dev:ubuntu-install.lock [10:03:04.544] Looking for existing server data file at c:\Users\user\AppData\Roaming\Code\User\globalStorage\ms-vscode-remote.remote-ssh\vscode-ssh-host-dev:ubuntu-3a6960b964327f0e3882ce18fcebd07ed191b316-0.65.0-beta\data.json [10:03:04.546] Using commit id "3a6960b964327f0e3882ce18fcebd07ed191b316" and quality "stable" for server [10:03:04.552] Install and start server if needed [10:03:04.575] Checking ssh with "ssh -V" [10:03:04.611] > OpenSSH_for_Windows_8.1p1, L [10:03:04.611] > ibreSSL 3.0.2 Running VSCode 1.62.2 on Windows 10. Connection config:
This command works OK on the host:
I have tried with no RemoteCommand, it it fails with the same error. The same config work OK on the latest version of the Remote - SSH extension. |
@roblourens This is not quite correct: it is true that you can't provide a command as an argument, e.g. |
My use case is simple. I'm required to log in as myself but once inside I'm allowed to become the user that has permissions to edit the website. Have tried group permissions and all that. CPanel (barf) is a battle I've given up fighting. So I just need to ssh in. Then become the owner of the site so I can edit or when I create files ownership will be correct. This little thing would REALLY help. Where else can I upvote? Thanks! This is in my (macos) config to connect to Centos: |
Related: #481 |
Is this in 1.63? I don't see it in the release notes: https://github.com/microsoft/vscode-docs/blob/main/remote-release-notes/v1_63.md |
There will be a setting to enable RemoteCommand,
|
@tanhakabir thank you, much appreciated! I installed 0.70.0 and tried putting |
I've hit the same issue of |
I updated to 0.70.0, and also tried adding the following to my settings.json file:
But the log still shows:
|
Same issue as simon, but additionally the dependency on useLocalServer is a problem - useLocalServer breaks kerberos authentication, so it's not an option. |
Oh our mistake! It will be out soon, we had another publishing issue in our pipeline. I'll ping on this issue again once it's released! |
Okay sorry for all the confusion, On the Remote SSH marketplace page you'll be able to see the option to use the Pre-Release version of the extension. By switching to the Pre-Release version you should be able to see the setting now. |
Unfortunately we can only safely enable RemoteCommand for local server connections. Do you have an issue for "useLocalServer breaks kerberos authentication" already? |
This only works on localhost? So my .ssh/config for localhost would need to execute another ssh session to a remote? |
@afflom I'm not sure what you mean by localhost. |
Ok, I think that I understand. Thank you @tanhakabir |
Works for me .. only when SSH is capital "remote.SSH.enableRemoteCommand": true, |
I checked the options
However, this resulted in
Interestingly (not sure if related), the script for the first time of connection is
While the second time is as shown above with a different port that is forwarded to my local machine. Nonetheless, the Am a bit confused. Would appreciate your help! |
@jasperhyp would you mind creating another issue with everything you've said here along with the full logs that you saw when you tried the several times to connect? |
Sure, I will create one now. |
It seems that currently the
RemoteCommand
option in an ssh config is ignored.I found a closed issues discussing this previously #695. The reason I'm asking for this is that I need to use the ssh extension in a network setup with a gateway which has disabled tunneling for security reasons. My situation is similar to the one described in another closed issue #82.
I need to ssh to a gateway host, which prompts for a password and on success waits for input for the host name to connect to. Example ssh config which works from the command line:
running
ssh some-host
will successfully establish a connection to the desired host, but from looking at vscode trace logs the invoked command isSince vscode explicitly disabled the RemoteCommand config I successfully connect and get a password prompt. However after that I get an error since the command is trying to execute
bash
on the gateway host which in my case needs to be forwarded theinline host-to-connect-to
commandLooking at a comment on #695 from @roblourens
I would personally not mind my integrated terminal to not do the right thing if I could get the ability to successfully establish the vscode connection which from what I understand would work if we have a way to remove the
RemoteCommand=none
from the initial connection.The text was updated successfully, but these errors were encountered: