Enable SSH agent forwarding for scp #6600
Assignees
Labels
Milestone
Comments
tanhakabir
changed the title
How do you know this is the case? |
Ran tests on my lab, - sorry not showing because of sensitive details - plus found a rel note there : https://www.openssh.com/txt/release-8.4
|
|
Ah I see, seems reasonable to add a setting to add the -A flag on scp. |
roblourens
changed the title
|
I have found a workaround for this problem |
|
|
62 tasks
57 tasks
49 tasks
64 tasks
74 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
and others
Hello,
As a specific security requirement, on my lab,
SSH authentication is performed thru a tool named "BalaBit - Shell Control Box (SCB)", which supports SSH agent forwarding.
However, this security tool has a flaw in its current release : it is unable to fallback to ssh interactive password when authentication is set to ssh key exchange.
Therefore, I must use SSH key authentication and agent forwarding.
In addition, hosts I connect to have no internet connection, thus : localServerDownload
Last but not least, I must use cygwin ssh because activating windows openssh forward agent requires admin rights on laptop, I don't have them.
All this works OK for remote ssh editing but the upload of vscode-server fails because scp ignores ForwardAgent ssh directive in config file unless "-A" flag is present on the cmd line.
I am using following explicit remote SSH Setup :
{
"remote.SSH.configFile": "path_to_my_ssh_config",
"remote.SSH.localServerDownload": "always",
"remote.SSH.showLoginTerminal": true,
"remote.SSH.logLevel": "trace",
}
all other options are on default values, including remote.SSH.enableAgentForwarding : true
To overcome this issue, some extra remote.SSH setting for scp command should be useful in this case...
say:
Remote.SSH.scpExtraOptions: "-A" default ""
The text was updated successfully, but these errors were encountered: