Support for ssh_config Include Statement

hi,

it would be great if CoreTunnel would support/respect the Include directive from ssh_config. As an alternative, it would help to include more than one ssh_config in the settings of CT.

Include

Include the specified configuration file(s). Multiple pathnames may be specified and each pathname may contain glob(3) wildcards and, for user configurations, shell-like “~” references to user home directories. Files without absolute paths are assumed to be in ~/.ssh if included in a user configuration file or /etc/ssh if included from the system configuration file. Include directive may appear inside a Match or Host block to perform conditional inclusion.

Source: ssh_config(5).

best regards,

chris

Hi Chris, the Include directive is supported after Core Helper is installed:

Hi Yang,
CoreHelper is installed - it doesn't work though. I'll try and gather some logs later today.
Anything obvious I could check? Settings->Advanced->Configuration is set to the default ~/.ssh/config ..
/chris

I was able to reproduce the issue on a new Mac, latest macOS, Core Helper installed:

A simple SSH config consisting of 3 files

~/.ssh/config:

Include ~/.ssh/lan
Include ~/.ssh/wan

~/.ssh/lan:

Host alpha
  Hostname 192.168.0.100
  HostKeyAlias alpha
  Port 22
  User chris
  Identityfile ~/.ssh/keyfile

~/.ssh/wan:

Host beta
  Hostname 192.168.0.110
  HostKeyAlias beta
  Port 22
  User chris
  Identityfile ~/.ssh/keyfile

CoreTunnel immediately goes into retrying with "connection failed".

Both equivalent ssh commands work on the commandline. Here's the log for host alpha up to "connection established"

#> ssh -4 -vvv -o ServerAliveInterval=15 -o ExitOnForwardFailure=yes -o ServerAliveCountMax=3 chris@alpha

OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/chris/.ssh/config
debug3: /Users/chris/.ssh/config line 1: Including file /Users/chris/.ssh/lan depth 0
debug1: Reading configuration data /Users/chris/.ssh/lan
debug1: /Users/chris/.ssh/lan line 1: Applying options for alpha
debug3: /Users/chris/.ssh/config line 2: Including file /Users/chris/.ssh/wan depth 0
debug1: Reading configuration data /Users/chris/.ssh/wan
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: resolve_canonicalize: hostname 192.168.0.100 is address
debug2: ssh_connect_direct
debug1: Connecting to 192.168.0.100 [192.168.0.100] port 22.
debug1: Connection established.
...

Hosts defined in ~/.ssh/config are working fine.

best regards,

chris

Hi Chris, could you please enable debug logging in Core Tunnel and paste the log again?

This will help me identify the problem.

Thank you,

uhm, correct me if I'm wrong, but "debug3" will set -vvv for the command.
I've pasted the output of that up to "Connection established" in my previous post.

That's exactly my problem: CoreTunnel fails instantly while the equivalent command works. Is there a debug log for the Helper?

/chris

Did Core Tunnel print any log? I understand that you've pasted the log of the equivalent command; if there is any, could you please also paste the log of Core Tunnel?

Thanks,

Where can I find CoreTunnel's Log?

Please follow steps in this topic:

Here are the tunnel logs:

## TEST: wanhost ##
----------------------------------------
Equivalent Command: ssh -4 -vvv -o ServerAliveCountMax=3 -o ServerAliveInterval=15 -o ExitOnForwardFailure=yes root@wanhost
06:52:02 Connecting…
06:52:02 Using Core Helper 4.2 (r42)
06:52:02 OpenSSH_8.0p1, OpenSSL 1.0.2q  20 Nov 2018
06:52:02 debug1: Reading configuration data /Users/chris/.ssh/config
06:52:02 debug1: /Users/chris/.ssh/config line 1: include ~/.ssh/lan matched no files
06:52:02 debug1: /Users/chris/.ssh/config line 2: include ~/.ssh/wan matched no files
06:52:02 debug1: Reading configuration data /etc/ssh/ssh_config
06:52:02 debug1: /etc/ssh/ssh_config line 48: Applying options for *
06:52:02 debug2: resolving "wanhost" port 22
06:52:02 ssh: Could not resolve hostname wanhost: nodename nor servname provided, or not known
06:52:02 Abnormal Disconnect
06:52:02 Connection failed, retry after 3s…
06:52:03 Disconnected

## TEST: alpha ##
----------------------------------------
Equivalent Command: ssh -4 -vvv -o ServerAliveInterval=15 -o ExitOnForwardFailure=yes -o ServerAliveCountMax=3 chris@alpha
19:53:47 Connecting…
19:53:47 Using Core Helper 4.2 (r42)
19:53:47 OpenSSH_8.0p1, OpenSSL 1.0.2q  20 Nov 2018
19:53:47 debug1: Reading configuration data /Users/chris/.ssh/config
19:53:47 debug1: /Users/chris/.ssh/config line 1: include ~/.ssh/lan matched no files
19:53:47 debug1: /Users/chris/.ssh/config line 2: include ~/.ssh/wan matched no files
19:53:47 debug1: /Users/chris/.ssh/config line 4: Applying options for alpha
19:53:47 debug1: Reading configuration data /etc/ssh/ssh_config
19:53:47 debug1: /etc/ssh/ssh_config line 48: Applying options for *
19:53:47 debug2: resolve_canonicalize: hostname 172.16.100.100 is address
19:53:47 debug2: ssh_connect_direct
19:53:47 debug1: Connecting to 172.16.100.100 [172.16.100.100] port 22.
19:53:47 debug1: Connection established.
...

ssh config scheme used for the test:

~/.ssh/config:

Include lan
Include wan

Host alpha
  Hostname 172.16.100.100
  HostKeyAlias alpha
  Port 22
  User chris
  Identityfile ~/.ssh/id_something
  UserKnownHostsFile		/dev/null
  StrictHostKeyChecking	no

~/.ssh/wan:

Host wanhost
  Hostname 172.16.100.90
  HostKeyAlias wanhost
  Port 22
  User root
  Identityfile ~/.ssh/id_something
  UserKnownHostsFile		/dev/null
  StrictHostKeyChecking	no

(~/.ssh/lan has another valid host configured but is not used here)

The equiv. command via terminal for wanhost, same config:

chris@loop:~ $ ssh -4 -vvv -o ServerAliveCountMax=3 -o ServerAliveInterval=15 -o ExitOnForwardFailure=yes root@wanhost
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/chris/.ssh/config
debug3: /Users/chris/.ssh/config line 1: Including file /Users/chris/.ssh/lan depth 0
debug1: Reading configuration data /Users/chris/.ssh/lan
debug3: /Users/chris/.ssh/config line 2: Including file /Users/chris/.ssh/wan depth 0
debug1: Reading configuration data /Users/chris/.ssh/wan
debug1: /Users/chris/.ssh/wan line 1: Applying options for wanhost
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: resolve_canonicalize: hostname 172.16.100.90 is address
debug2: ssh_connect_direct
debug1: Connecting to 172.16.100.90 [172.16.100.90] port 22.
debug1: Connection established.

Thanks a lot for the info.

For some technical reasons, ~/.ssh/ could not be parsed to your home directory (/Users/chris/) in this case. Could you please edit your ~/.ssh/config file and change the first two lines to:

Include /Users/chris/.ssh/lan
Include /Users/chris/.ssh/wan

Yang

That did the trick. Thanks for your help!

Good to hear that :grinning:
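
The "matched no files" lines in the Core Tunnel log can be reproduced offline by resolving each Include the way ssh_config(5) describes and checking what it matches. This is an added example, not part of the original thread or Core Tunnel's code; it assumes a user configuration, handles only `~` and `~/` (not `~user`), ignores whether an Include sits inside a Host or Match block, and models the helper as a process for which `~` resolves to a different directory (the temp-directory layout and the `helper` name are constructed).

```python
import glob
import os
import re
import shlex
import tempfile

DIRECTIVE = re.compile(r"^\s*(\w+)\s*(?:=\s*|\s+)(.*)$")

def resolve_includes(path, home, depth=0):
    """Yield (pattern, expanded, matches) for each Include in a user config,
    per ssh_config(5): '~' -> home, relative -> ~/.ssh, glob(3) wildcards."""
    if depth > 16:  # assumed cap so Include loops terminate
        return
    with open(path) as fh:
        for raw in fh:
            m = DIRECTIVE.match(raw)
            if not m or m.group(1).lower() != "include":
                continue
            for pattern in shlex.split(m.group(2), comments=True):
                if pattern == "~" or pattern.startswith("~/"):
                    expanded = home + pattern[1:]
                else:  # os.path.join keeps an absolute pattern unchanged
                    expanded = os.path.join(home, ".ssh", pattern)
                matches = sorted(glob.glob(expanded))
                yield pattern, expanded, matches
                for included in matches:  # included files may Include too
                    yield from resolve_includes(included, home, depth + 1)

def unmatched(path, home):
    """Include patterns that match no files when '~' resolves to `home`."""
    return [p for p, _, hit in resolve_includes(path, home) if not hit]

def demo():
    """Constructed sample: the thread's file layout in a temp directory."""
    root = tempfile.mkdtemp()
    ssh_dir = os.path.join(root, "chris", ".ssh")
    os.makedirs(ssh_dir)
    files = {"lan": "Host alpha\n  Port 22\n", "wan": "Host beta\n  Port 22\n",
             "config": "Include ~/.ssh/lan\nInclude wan\n",
             "config_abs": f"Include {ssh_dir}/lan\nInclude {ssh_dir}/wan\n"}
    for name, body in files.items():
        with open(os.path.join(ssh_dir, name), "w") as fh:
            fh.write(body)
    real, other = os.path.join(root, "chris"), os.path.join(root, "helper")
    cfg, cfg_abs = (os.path.join(ssh_dir, n) for n in ("config", "config_abs"))
    return unmatched(cfg, real), unmatched(cfg, other), unmatched(cfg_abs, other)

if __name__ == "__main__":
    print(demo())
```

The three results correspond to the terminal run, the Core Tunnel run, and the run after switching to absolute Include paths; a non-empty list means Host blocks in those files are silently skipped, which is why the alias fell through to a DNS lookup.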