Description
openedon Dec 11, 2023
Related command
az network bastion tunnel
Is your feature request related to a problem? Please describe.
The current az network bastion tunnel
command listens on a local TCP ports and forward the traffic. However, the most common way to work with generic bastion hosts with OpenSSH is to use the ProxyCommand
directive, which uses stdin/stdout to tunnel the traffic to be forwarded.
The lack of this ability causes people to do weird things to make it suitable, see for instance this gist that ends up calling nc
to provide the stdin/stdout interface: https://gist.github.com/akisys/23e7f0d4d98154b3067a6a6914dcb483
Describe the solution you'd like
Add a --stdin
option (or whatever better name) that is mutually exclusive with --port
and can be used in the OpenSSH client config like this:
ProxyCommand=az network bastion tunnel --name MyBastionHost --resource-group MyResourceGroup --target-ip-address %h --resource-port %p --stdin
Describe alternatives you've considered
Something like https://gist.github.com/akisys/23e7f0d4d98154b3067a6a6914dcb483 but it is really unnecessary.
Additional context
Being able to use ProxyCommand
would make the usage from Ansible more straighforward.