Run Command Before Starting SSH Connection

This a quick hack I found while I was looking to run a knock script before connecting to servers which I have the SSH service protected with a knock sequence. In my setup I used the ProxyCommand option in the ssh_config file to loop over my loop-back interface.

Host server1
    User root
    ProxyCommand bash -c 'knock-script %h; sleep 1; ssh -W %h:%p'

# in the above
# %h is a place holder for the hostname i.e
# and i added 1 sec delay before running the ssh tunnel
# to give the script on the server side time to validate my knock.


You may also like...

4 Responses

  1. Damo says:

    SSHing to localhost is a bit too much IMO, you can replace it with nc %h %p

  2. Simon says:

    So I want to have my knock-script output to the terminal before running ssh, and that doesn’t seem to be working. Any idea why?

    • Rabin says:

      Need more information, maybe your ssh daemon is not running. try using `nc` instead.

Leave a Reply

Your email address will not be published. Required fields are marked *