具有以下内容ssh_config:
Match all
IdentityFile /opt/ssh/id_rsa
StrictHostKeyChecking no
ServerAliveInterval 30
ServerAliveCountMax 3
ControlMaster auto
ControlPersist 300
StreamLocalBindMask 0111
StreamLocalBindUnlink yes
ExitOnForwardFailure yes
Compression yes
BatchMode yes
Host example
LocalForward /opt/ssh/soc/%n_mysql.socket 127.0.0.1:3306
ControlPath /opt/ssh/soc/%n.socket
HostName example.com
User user
Port 22
unix-socket创建两个文件:
# ls -1 /opt/ssh/soc
example.socket
%n_mysql.socket
显然LocalForward指令不喜欢令牌......
我想知道为什么以及是否有其他方法可以实现这一目标?
我看到它LocalCommand接受以下标记:%%, %C, %d, %h, %i, , %l, %n, %p, %r,%T和%u。它可以以某种方式用来实现我想要的吗?
我尝试了以下配置,但它只创建套接字ctrl,而不创建mysql套接字。
Host example
PermitLocalCommand yes
LocalCommand ssh -F /opt/ssh/config -S /opt/ssh/sockets/%n.socket -TNL /opt/ssh/sockets/%n_mysql.socket:127.0.0.1:3306 -p %p -l %u %h
ControlPath /opt/ssh/soc/%n.socket
HostName example.com
User user
Port 22
答案1
根据我的实验,人们似乎openssh决定让事情变得相当复杂。以下包装脚本可能会提供一些启发:
#! /bin/sh --
HNAME=${1:?## Err: Please specify the host name}
CONFD="/opt/ssh"
SOCKETS="${CONFD}/soc"
ssh -fTNF "${CONFD}/config" "${HNAME}" && {
ssh -O forward -S "${SOCKETS}/${HNAME}.socket" -TNL "${SOCKETS}/${HNAME}_mysql.socket:127.0.0.1:3306" "${HNAME}" &&\
ssh -O check -S "${SOCKETS}/${HNAME}.socket" "${HNAME}"
} || exit 1