unusable feature: LocalCommand


This is not to mean there isn't some use somewhere for this feature.  But I
thought I would be able to use it.  Turns out I can't.  Any alternatives?

According to TFM:
           Specifies a command to execute on the local machine after
           successfully connecting to the server.  The command string extends
           to the end of the line, and is executed with /bin/sh.  This
           directive is ignored unless PermitLocalCommand has been enabled.

What it doesn't say is that the SSH connection, though established, cannot be
used by that local command being executed.

What I am trying to do:

I want a script to be able to start an SSH process, with a command line
specified port forwarding directive (usually -L, but maybe -D), and then
run a command that makes use of that port forwarding.  Then I want SSH to
clean up and take down the whole session when the command is done.

What I was hoping (the man page didn't say one way or the other) is that
when the local command exited, if there was no remote command active, it
would close down.  And I was hoping the port forwarding was usable.  Turns
out that the port forwarding does not even begin until after the local
command finishes.

I've also tried using -f option to just launch SSH in the background.  But
that doesn't always clean up.  If the remote end of the forwarded connection
closes first, it seems to usually clean up OK.  But if the local end of the
forwarded connection closes first, it seems to rarely clean up OK.

What would be nice is a way to give SSH a local command to run which is to
make use of the forwarded connection(s).  When the local command is done,
regardless of error status, SSH will exit.  It would be nice if it exits with
the status from that local command.

I'm thinking of writing my own network forwarder that uses SSH by passing the
forwarding data through the SSH command channel, not as an SSH forwarded port.
This would make sure it "Does The Right Thing".  But this seems silly if SSH
can do this itself somehow.

OTOH, I may have to do the in-command-channel network forwarder anyway since
SSH has no way to tell the remote side which remote interface IP to bind the
outgoing connection from.

|WARNING: Due to extreme spam, googlegroups.com is blocked.  Due to ignorance |
|         by the abuse department, bellsouth.net is blocked.  If you post to  |
|         Usenet from these places, find another Usenet provider ASAP.        |
| Phil Howard KA9WGN (email for humans: first name in lower case at ipal.net) |
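
One way to get the behaviour asked for in the post above with stock OpenSSH options, as an added example that is not part of the original post: a control-master session carries the forward, the local command runs while it is up, and the master is told to exit afterwards. The function name `run_with_forward`, the `SSH_BIN` variable and the sample host and forward spec are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example, not from the original post.
# Runs a local command while an SSH port forward is up, then tears the
# session down and returns the local command's exit status.

# Assumption: SSH_BIN lets the caller choose which ssh client is used.
SSH_BIN=${SSH_BIN:-ssh}

# usage: run_with_forward <forward-spec> <host> <command> [args...]
#   forward-spec is what follows -L, e.g. 8080:127.0.0.1:80
#   e.g. run_with_forward 8080:127.0.0.1:80 host.example curl http://127.0.0.1:8080/
run_with_forward() {
    fwd=$1
    host=$2
    shift 2

    # mktemp -d creates a directory only this user can enter, so no other
    # local user can reach the control socket and reuse the session.
    ctl_dir=$(mktemp -d) || return 125
    ctl="$ctl_dir/ctl"

    # -M  act as control master      -S  control socket path
    # -f  background after auth      -N  no remote command
    # ExitOnForwardFailure=yes makes ssh exit non-zero when the local
    # listener cannot be bound, so a zero status means the forward is up.
    if ! "$SSH_BIN" -M -S "$ctl" -f -N \
            -o ExitOnForwardFailure=yes -L "$fwd" "$host"; then
        rm -rf "$ctl_dir"
        return 125
    fi

    # Run the local command that uses the forward and keep its status.
    status=0
    "$@" || status=$?

    # Tell the master to exit, whichever end of a forwarded connection
    # closed first, then remove the socket directory.
    "$SSH_BIN" -S "$ctl" -O exit "$host" >/dev/null 2>&1 || true
    rm -rf "$ctl_dir"
    return "$status"
}
```

A return value of 125 means the SSH session or its forward could not be set up and the local command was never run.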
