proxyjump fails for me

[PhilippKaniuth]

Thanks for your great extension!

I have a little problem though and would need assistance to solve it. I aim to connect to a remote computing cluster for which I don't have another access method and no admin rights. To do so, you first have to connect to a login node that asks for password and TOTP and then second you have to connect from the login node to the actual computing server which asks for your password again. So normally, I'd have to execute ssh [email protected], enter my password and TOTP, to then execute ssh compute1 and enter my password. To make this easier, in my local .ssh/config, I have:

Host login
    HostName login.url
    User redacted
    IdentityFile ~/.ssh/id_rsa

Host compute1
    HostName compute1
    User redacted
    Proxyjump redacted@login

If I do ssh compute1 in a stand-alone zsh this setup works: I am prompted for password, TOTP, and password again and am then connected to compute1.

However, if I try to "connect to host in new window" using open-remote-ssh from within VSCodium and select compute1, I am not prompted for anything and instead get the popup:

Could not establish connection to "compute1" (I cancel)

as well as

[Info  - 12:43:31.974] Resolving ssh remote authority 'ssh-remote+compute1' (attemp #1)
[Trace  - 12:43:31.983] Identity keys:
/Users/redacted/.ssh/id_rsa ssh-rsa SHA256:[some-fingerprint]
[Error  - 12:43:32.41] Error resolving authority
Error: getaddrinfo ENOTFOUND compute1
	at GetAddrInfoReqWrap.onlookup [as oncomplete] (node:dns:71:26)

Note that "connect to host in new window" for login works as expected.

---

Local OS: macOS Monterey Version 12.6 (21G115)
VSCodium: Version: 1.72.0, Release: 22279
open-remote-ssh: v0.0.16

Remote long server OS:
Operating System: SUSE Linux Enterprise Server 12 SP5
CPE OS Name: cpe:/o:suse:sles:12:sp5
Kernel: Linux 4.12.14-122.133-default
Architecture: x86-64

Remote compute1 OS:
Operating System: SUSE Linux Enterprise Server 12 SP5
CPE OS Name: cpe:/o:suse:sles:12:sp5
Kernel: Linux 4.12.14-122.130-default
Architecture: x86-64

---

Is there anything I am doing wrong?

[jeanp413]

Hi @PhilippKaniuth, seems like a bug in the extension, I see you have Proxyjump redacted@login, and I need to resolve login host properly when user is present, if you change it to Proxyjump login it should work, can you confirm that? Actually I see you have HostName compute1 in your config, assuming it's not a placeholder, is compute1 in your /etc/hosts file?

[PhilippKaniuth]

Thanks for your help!

Changing Proxyjump redacted@login to Proxyjump login did not work, it gives:

[Info  - 08:59:26.695] Resolving ssh remote authority 'ssh-remote+compute1' (attemp #1)
[Trace  - 08:59:26.705] Identity keys:
/Users/redacted/.ssh/id_rsa ssh-rsa SHA256:[some-fingerprint]
[Error  - 08:59:26.712] Error resolving authority
Error: getaddrinfo ENOTFOUND compute1
	at GetAddrInfoReqWrap.onlookup [as oncomplete] (node:dns:71:26)

assuming it's not a placeholder

What do you mean by that? compute1 is just an alias I used here to not expose the real name of the computing server (same goes for login). Sorry if that was unclear!

is compute1 in your /etc/hosts file?

No. Note that I am on a company managed Macbook. In my ~/.ssh/known_hosts compute1 is listed there with its ssh-ed25519 (login is there as well).

[jeanp413]

compute1 is just an alias I used here to not expose the real name of the computing server (same goes for login)

yeah that's what I meant, so compute1 is an ip in the .ssh/config file itself.

Are you using some kind of proxy? If you have nodejs installed, could you run dns.lookup(compute1, console.log), does it work?

[PhilippKaniuth]

yeah that's what I meant, so compute1 is an ip in the .ssh/config file itself.

Really sorry for not communicating clearly. compute1 is not an IP. Allow me to explicate the content of my .ssh/config as posted originally:

Host login
    HostName login.url
    User redacted
    IdentityFile ~/.ssh/id_rsa

The HostName is an actual publicly facing URL. It's just a login node which let's actual users login with passwort and TOTP.

Host compute1
    HostName compute1
    User redacted
    Proxyjump redacted@login

Here, the HostName is just a string (not an IP nor an URL, just the actual name of the compute server). What you could do once connected to the login node is ssh compute1 to land on the compute node.

Are you using some kind of proxy?

I don't.

If you have nodejs installed, could you run dns.lookup(compute1, console.log), does it work?

I don't have nodejs.

Please let me know how I can be of further help to debug this! :) Thanks for your patience!

[jeanp413]

Here, the HostName is just a string (not an IP nor an URL, just the actual name of the compute server). What you could do once connected to the login node is ssh compute1 to land on the compute node.

So compute1 is in the /etc/hosts file inside the login node, right? could you try changing compute1 in HostName compute1 and use the internal ip instead, does it work?

In the meantime you can try this workaround

[PhilippKaniuth]

So compute1 is in the /etc/hosts file inside the login node, right?

I'm afraid it is not :(

From here:

Create a separate ssh config file for vscodium and point the extension to it

How do I point vscodium to that separate ssh config file?

[jeanp413]

You can use remote.SSH.configFile config option in settngs.json

[jeanp413]

This was the same issue as this one #42 (comment)

[PhilippKaniuth]

Apologies for not getting back to you.

I am happy to confirm that this issue is resolved in the latest version, it works like a charm now! :)

Thanks so much for your work!!