Got error
runtime: bad pointer in frame github.com/konsorten/go-windows-terminal-sequences.EnableVirtualTerminalProcessing at 0xc0000674e8: 0x50
fatal error: invalid pointer found on stack

SSH config file supports an option, LocalForward that specifies a local port to be forwarded to a remote machine over the ssh connection established to the given server.

Making mole to use that option would help users that are already using it on their ssh config file to:

• Not duplicate the option in the ssh config file (i.e. LocalForward), and in the mole aliases file (i.e. local and remote)
• Make mole easier to use since there -local and -remote options would be required

From https://www.ssh.com/ssh/config/:

LocalForward

Specifies that a TCP port on the local machine be forwarded over the secure channel to the specified
host and port from the remote machine. The first argument must be [bind_address:]port and the
second argument must be host:port.

The update alias command would update the given flags of a pre-existing alias configuration

• Alias configuration before command execution

$ cat $HOME/.mole/example.toml
type = "local"
verbose = false
insecure = false
detach = false
source = [":8081"]
destination = ["172.17.0.100:80"]
server = "[email protected]:22122"
key = "test-env/ssh-server/keys/key"
keep-alive-interval = "10s"
connection-retries = 3
wait-and-retry = "3s"
ssh-agent = ""
timeout = "3s"

• Command execution

$ mole update alias example --key "path/to/new/key"
alias example updated with success

• Alias configuration file after command execution

$ cat $HOME/.mole/example.toml
type = "local"
verbose = false
insecure = false
detach = false
source = [":8081"]
destination = ["172.17.0.100:80"]
server = "[email protected]:22122"
key = "path/to/new/key"
keep-alive-interval = "10s"
connection-retries = 3
wait-and-retry = "3s"
ssh-agent = ""
timeout = "3s"

Add a new command to output all running detached application instances and their configuration.
If no instance id is provided, the command outputs all active instances.

$ mole start alias test-env
INFO[0000] execute "mole stop test-env" if you like to stop it at any time
$ mole show instance test-env
test-env:
  configuration:
    verbose: true
    insecure: true
    detach: true
    source: :21112, :21113
    destination: 192.168.33.11:80, 192.168.33.11:8080
    server: [email protected]:22122
    key: test-env/ssh-server/keys/key
    keep alive interval: 2s
    connection retries: 3
    wait and retry: 3s
    ssh agent: 
    timeout: 3s

Affected Version

N.A.

Expected Behavior

mole should have been installed

Current Behavior

Unable to install mole through homebrew

✦ ❯ brew tap davrodpin/homebrew-mole && brew install mole
Updating Homebrew...
==> Auto-updated Homebrew!
Updated 5 taps (weaveworks/tap, buo/cask-upgrade, homebrew/core, homebrew/cask and aws/tap).
==> New Formulae
rustscan
==> Updated Formulae
Updated 41 formulae.
==> New Casks
<redacted>

==> Tapping davrodpin/mole
Cloning into '/usr/local/Homebrew/Library/Taps/davrodpin/homebrew-mole'...
remote: Enumerating objects: 18, done.
remote: Counting objects: 100% (18/18), done.
remote: Compressing objects: 100% (14/14), done.
remote: Total 42 (delta 8), reused 11 (delta 4), pack-reused 24
Unpacking objects: 100% (42/42), 8.52 KiB | 272.00 KiB/s, done.
Tapped 1 formula (68 files, 43.2KB).
Error: Another active Homebrew update process is already in progress.
Please wait for it to finish or terminate it to continue.
==> Installing mole from davrodpin/mole
==> Downloading https://github.com/davrodpin/mole/archive/v1.0.1.tar.gz
==> Downloading from https://codeload.github.com/davrodpin/mole/tar.gz/v1.0.1
##O#- #
==> go build -ldflags -X github.com/davrodpin/mole/cmd.version=1.0.1 github.com/davrodpin/mole
Error: Empty installation
~
✦ ❯

Environment

• OSX: 10.15.6
• brew

✦ ❯ brew --version
Homebrew 2.5.2
Homebrew/homebrew-core (git revision 67222; last commit 2020-09-22)
Homebrew/homebrew-cask (git revision 1821ab; last commit 2020-09-22)
~

• Go

❯ go version
go version go1.15.2 darwin/amd64
~

Implement a new flag, -insecure that will ignore the host key checking while establishing connection to the ssh server.

Potential Solution

Along with the CLI argument parsing, the code would need to skip setting the HostKeyCallback to ssh.ClientConfig on tunnel/tunnel.go

Hi @davrodpin thanks for Mole. I found it via this webpage.

I'm currently using it to access home services I don't want to expose to the Internet via web interface.

Would you consider a UI for Mole? I'm happy to help you with providing some design mockups. (Sorry my coding skills are abysmal)

It would be helpful to be able to control the tunnels via the desktop.

What do you think?

For users familiar with the app, having a shorter version of the flag names could save some time while typing the option.

Proposal for mole's flag names supported on version 0.5.0

mole 0.2.0 and macOS 10.13.6

Expected Behavior

Requests to localhost:3389 should be forward to remote:8888,

Current Behavior

localhost:3389 can't be reached, and
ERRO[0002] error generating ssh client config: ssh: cannot decode encrypted private keys tunnel="[local:127.0.0.1:3389, server:my.Server.I.P:myServerPort, remote:127.0.0.1:8888]"

Steps to Reproduce

1. In remote server, run jupyter lab, this will run the jupyter on port 8888.
2. Add the server information into ~/.ssh/config:

Host myServer
  Hostname my.Server.I.P
  Port myServerPort
  User user
  IdentityFile ~/.ssh/id_rsa

3. Run mole -v -local :3389 -remote :8888 -server myServer.
4. Visit http://localhost:3389/ in a browser.

The ssh-agent is running and I added the ssh key into the macOS keychain by ssh-add -K ~/.ssh/id_rsa. After the error, I remove it from the keychain by ssh-add -d ~/.ssh/id_rsa, but no luck. I also killed the ssh-agent process, still the same error.

Before mole, I use this ssh command: ssh -N -p myServerPort [email protected] -L localhost:3389:localhost:8888 and it works fine.

Affected Version

master @ 099b47a

Current Behavior

I can't skip host key validation with -insecure using an alias created with the right flag.

Expected Behavior

The insecure mode should be respected when creating an alias passing -insecure

Steps to Reproduce

$ ./mole -alias test  -v -insecure -local :21112 -remote 192.168.33.11:8080 -server [email protected]:22122 -key test-env/ssh-server/keys/key
$ ./mole -start test
DEBU[0000] cli options                                   options="[local=:21112, remote=192.168.33.11:8080, [email protected]:22122, key=test-env/ssh-server/keys/key, verbose=true, help=false, version=false, detach=false, insecure=false]"
DEBU[0000] using ssh config file from: /Users/mole/.ssh/config
DEBU[0000] server: [name=127.0.0.1, address=127.0.0.1:22122, user=mole]
DEBU[0000] tunnel: [channels:[[local=127.0.0.1:21112, remote=192.168.33.11:8080]], server:127.0.0.1:22122]
DEBU[0000] known_hosts file used: /Users/mole/.ssh/known_hosts
ERRO[0000] server dial error: ssh: handshake failed: knownhosts: key mismatch  tunnel="[channels:[[local=127.0.0.1:21112, remote=192.168.33.11:8080]], server:127.0.0.1:22122]"
$ cat /Users/davidrodrigues/.mole.conf
[tunnels]
  [tunnels.test]
    local = [":21112"]
    remote = ["192.168.33.11:8080"]
    server = "[email protected]:22122"
    key = "test-env/ssh-server/keys/key"
    verbose = true
    help = false
    version = false
    detach = false

Affected Version

$ mole -version
mole 0.2.0

Expected Behavior

In my ~/.ssh/config i have a server named ucd_f23. Mole seems to split the name and use only ucd as the server name. It should not.

Current Behavior

$ mole -v -local :8000 -remote 192.168.12.49:5001 -server root@ucd_f23
DEBU[0000] cli options                                   options="[local=:8000, remote=192.168.12.49:5001, server=root@ucd, key=, verbose=true, help=false, version=false]"
DEBU[0000] using ssh config file from: /home/nicolas/.ssh/config 
DEBU[0000] server: [name=ucd, address=ucd:22, user=root, key=/home/nicolas/.ssh/id_nicolas] 
DEBU[0000] tunnel: [local:127.0.0.1:8000, server:ucd:22, remote:192.168.12.49:5001] 
INFO[0000] listening on local address                    local_address="127.0.0.1:8000"
DEBU[0046] new connection                                address="127.0.0.1:40046"
DEBU[0046] known_hosts file used: /home/nicolas/.ssh/known_hosts 
ERRO[0046] server dial error: dial tcp: lookup ucd on 192.168.40.1:53: no such host  tunnel="[local:127.0.0.1:8000, server:ucd:22, remote:192.168.12.49:5001]"

Steps to Reproduce

1. Have something like this in your ~/.ssh/config:

Host ucd_f23
    Hostname      1.2.3.4
    IdentityFile  ~/.ssh/id_key
    ProxyJump     jump.example.net

2. Start mole: mole -v -local :8000 -remote 192.168.12.49:5001 -server root@ucd_f23

Add a new section to README.md explaining what is the motivation behind having an alias and showing where they are stored and the format used, TOML

Linked to: #104

How could you use this without the CLI functionality.

Like hardcode the variables for username , host, remote and local ports, private key as a byte array.

And then build it with these hard coded variables.

https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding

Version: master

Steps to Reproduce

1. Checkout master.
2. Run $ go test -race -count=100 ./...
3. Observe goroutine leak

... scrolls up for a loong time. Interestingly removing the go qualifier from https://github.com/davrodpin/mole/blob/master/tunnel/tunnel.go#L254-L255 just causes the test to hang indefinitely.

mole version 1.0.1
mac 10.15.7
using mole start alias --detach doesn't detach the process

(nice utility by the way!)

So this question is more about usage and may be a small misunderstanding of how this tool should be used. My current use case is to have this tool forward requests to a known host on a separate network from the current network, as if that domain name had existed on the current network. A quick example to demonstrate:

# domain-name:9999 DOES NOT resolve on local
# domain-name:9999 DOES resolve from the SSH server

mole start local \
  --source domain-name:999 \
  --destination domain-name:9999 \
  --server user@jump-server

In this example, domain-name:9999 DOES exist and resolve when requested from the jump server. However, on the local machine, domain-name:9999 does not exist or resolve. Is there a way to have mole directly route these requests as if that domain did exist on the local machine?

When attempted to do this, it errors with ERRO[0000] listen tcp <ip>:9999: bind: can't assign requested address. Any advice on how this could be possible?

Iam using windows version of Mole v1.0.1 and failed to logon using my privatekey with --key parameter.
error="ssh: handshake failed: knownhosts: key is unknown"

There isn't problem with my private key because i can logon with that key using putty or another ssh software.
My private key is ssh-rsa 2048

Thanks.

I spent a few hours this evening working through the main functionality for a Local-to-Remote tunnel (as I understand it from reading documentation and the flag shortcuts ticket).

You'll see the UI looks very empty (in terms of OS/web-browser chrome, etc) apart from the functionality to create/start/stop the tunnels. This is a conscious decision as I'm still not sure of how it would/could look yet. (See #71 for my questions about that)

Please have a look. If there's something functionally incorrect, let me know. As I said above, this is basic functionality. There is lots more I know (remote forward, etc.)

1. Proposed user flow from creating SSH alias to starting SSH tunnel

2. Proposed UI for creating SSH aliases

3. Proposed UI for creating SSH tunnel connections

4. Proposed UI for SSH tunnel dashboard

5. Proposed SSH tunnel status indicators

Thanks!

It would be great if there is a way to specify the SSH config file i.e. a file other than ~/.ssh/config. My use case is that I deploy a lot of SSH servers where the bastion's IP either keep on changing (due to security) or when working on temporary environments.

hi !

introductionar words :

1. wonderful work - especially looking forward the rpc ( btw. what are the intentions behind ? ;-) )
2. personally i use linux, but i try to use mole for rdp/ssh on windows for my users - much fuzz there - tried all what is available in the internet - and not satisfied so far ... not even one ONESTOP console program to achieve things ... ;-)
   that said -

for mass deployment it is a no-go to use private keys /wo passphrases.
since mole has no feature to collect the passphrase from the user from console (commandline-args or config-files are NO good idea) the only possibility (on windows) is to start pageant with '-c "mole.exe ..."' but ...
for that reason mole would have to use xanzy/ssh-agent instead of golang.org/x/crypto/ssh/agent

SCENARIO :

"mole add alias ccc ... ... --deferred-passphrase"

"mole start alias ccc --passphrase-from-console" or
"mole start alias ccc --passphrase-from-stdin" or
"mole start alias ccc --passphrase supersecret"

OR WITH RPC :

"mole start alias ccc ... ... --defer-connect --rpc"

"mole misc rpc ask_private_key_passphrase_from_console" or
"mole misc rpc ask_private_key_passphrase_from_stdin" or
"mole misc rpc specify_private_key_passphrase supersecret"

"mole misc rpc connect"

at least please comment if passphrase handling will be managed somehow sometime and/or
if golang.org/x/crypto/ssh/agent is possible

thank you very much
wolfgang

The app could keep sending a keep-alive packet to the ssh server to avoid connection time outs configured on the server side.

Those synthetic, null packets should be sent every 10 seconds by default, with a flag , -ka-interval, to allow the user to override this value.

In case the ssh server does not respond to the keep-alive packets, the app should keep trying to send them three (3) times before giving up and closing the connection. The number of attempts could be overridden by the user using the flag -ka-attempt.

$ mole -remote :443 -server example -ka-interval "5 seconds" -ka-attempt 10

Related-To: #24

Affected Version

mole 0.4.0 installed through brew
MacOS Mojave 10.14.6 (18G95)

Expected Behavior

mole should use the existing key-agent socket SSH_AUTH_SOCK=/private/tmp/com.apple.launchd.xXxxxX/Listeners

Current Behavior

asks for key-password

Steps to Reproduce

1. configure a tunnel
2. start ssh-agent and make sure to set ENV
3. start mole
4. -> key-password is asked

Every time a successful check runs, a new coverage report is added under docs/cov.
To avoid old reports to be kept in the repository, the check should clean up reports older than a week.

Ideally, a single commit should remove the old reports and add the new one.

The way to provide longhand cli arguments to mole has changed to use double dashes, --, since 49efce0 and the examples used in documentation files need to be updated.

• /test-env/README.md

When I run mole -start <alias> it panics with:

$ mole -start nightly
The key provided is secured by a password. Please provide it below:
Password:
panic: non-positive interval for NewTicker

goroutine 9 [running]:
time.NewTicker(0x0, 0x0)
	/usr/local/Cellar/go/1.13/libexec/src/time/tick.go:23 +0x147
github.com/davrodpin/mole/tunnel.(*Tunnel).keepAlive(0xc0000e0200)
	/Users/james/go/src/github.com/davrodpin/mole/tunnel/tunnel.go:300 +0x44
created by github.com/davrodpin/mole/tunnel.(*Tunnel).dial
	/Users/james/go/src/github.com/davrodpin/mole/tunnel/tunnel.go:290 +0x23f

Unclear what version I'm running:

$ mole --version
mole unversioned

I originally installed with go get -u ...

Affected Version

v.0.2.0

Expected Behavior

The app should fail and raise an error message if both -remote and -server options were not provided

Current Behavior

The app accepts the command and adds an entry on $HOME/.mole.conf

Steps to Reproduce

$ cat $HOME/.mole.conf
cat: /Users/<user>/.mole.conf: No such file or directory
$ mole -alias example1
$ cat $HOME/.mole.conf
[tunnels]
  [tunnels.example]
    local = ""
    remote = ""
    server = ""
    key = ""
    verbose = false
    help = false
    version = false

Implement a new command, mole show logs that will output the log of any mole session, including the ones running on foreground.
The --tail option will make it to tail the end of the output.

$ mole show logs my-alias
<log output>
...

$ mole show logs b3339a0b --tail
<log output>

Affected Version

master @ 2aeee32

Expected Behavior

No warning message about options on ssh configuration file should be thrown to the user if they are not used.

Current Behavior

The following message was observed even when no ssh configuration file was needed or existed:

WARN[0000] error reading LocalForward configuration from ssh config file. This option will not be used: bad forwarding specification on ssh config file: []

Steps to Reproduce

1. make test-env
2. mole -v -remote 192.168.33.11:80 -server [email protected]:22122 -key test-env/key

DEBU[0000] cli options                                   options="[local=, remote=192.168.33.11:80, [email protected]:22122, key=test-env/key, verbose=true, help=false, version=false]"
DEBU[0000] using ssh config file from: $HOME/.ssh/config
WARN[0000] error reading LocalForward configuration from ssh config file. This option will not be used: bad forwarding specification on ssh config file: []
DEBU[0000] server: [name=127.0.0.1, address=127.0.0.1:22122, user=mole, key=test-env/key]
DEBU[0000] using ssh config file from: $HOME/.ssh/config
WARN[0000] error reading LocalForward configuration from ssh config file. This option will not be used: bad forwarding specification on ssh config file: []
DEBU[0000] tunnel: [local:127.0.0.1:60831, server:127.0.0.1:22122, remote:192.168.33.11:80]
INFO[0000] listening on local address                    local_address="127.0.0.1:60831"

New CLI flag to configure the client timeout while trying to establish a connection with the ssh server.

Potential Solution

Along with the addition of a new cli flag, the following code would need to be changed to use the given timeout value:

The project should have a shell script that, once executed, would detect the system architecture then download the proper binary then install it.

How to find OS name and architecture:

• macOS

$ uname -sm
Darwin x86_64

• linux

$ uname -sm
Linux x86_64

The installation process would look like to:

$ bash <(curl -fsSL https://raw.githubusercontent.com/davrodpin/mole/master/tools/install)

Affected Version

0.4.0

Current Behavior

Mole is failing with valid arguments given

$ mole -insecure -local :21112 -local :21113 -remote 192.168.33.11:80 -remote 192.168.33.11:8080 -server [email protected]:22122 -key test-env/ssh-server/keys/key
ERRO[0000] error processing server options: error accessing 127.0.0.1: open /Users/mole/.ssh/config: no such file or directory

None of the arguments given depend on the ssh config file, so there is no need for the file to be required.

Steps to Reproduce

1. Install version 0.4.0
2. Execute the following command:

$ ls /Users/mole/.ssh/config
ls: /Users/mole/.ssh/config: No such file or directory
$ mole -version
mole 0.4.0
$ mole -insecure -local :21112 -local :21113 -remote 192.168.33.11:80 -remote 192.168.33.11:8080 -server [email protected]:22122 -key test-env/ssh-server/keys/key
ERRO[0000] error processing server options: error accessing 127.0.0.1: open /Users/mole/.ssh/config: no such file or directory

Affected Version

92f82af

Expected Behavior

Flags given through CLI while using the start alias <alias_name> must override the values stored in the alias.

Current Behavior

The start alias <alias_name> does not support any flag to be given through CLI.

Steps to Reproduce

$ mole start alias any-alias-with-detach-false --detach
Error: unknown flag: --detach
Usage:
  mole start alias [name] [flags]

Flags:
  -h, --help   help for alias

Affected Version

mole compiled from a5252a4

go-env

$ go env
GOARCH="amd64"
GOBIN=""
GOCACHE="$HOME/Library/Caches/go-build"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOOS="darwin"
GOPATH="$HOME/dev/gowork"
GOPROXY=""
GORACE=""
GOROOT="/usr/local/Cellar/go/1.11.1/libexec"
GOTMPDIR=""
GOTOOLDIR="/usr/local/Cellar/go/1.11.1/libexec/pkg/tool/darwin_amd64"
GCCGO="gccgo"
CC="clang"
CXX="clang++"
CGO_ENABLED="1"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/k1/lbj19n2j2ms3xhwx4g30hv480000gp/T/go-build820219202=/tmp/go-build -gno-record-gcc-switches -fno-common"

Platform:

$ sw_vers
ProductName:	Mac OS X
ProductVersion:	10.13.6
BuildVersion:	17G65

Expected Behavior

The app should provide the reason for failing its execution when the user is providing the wrong flags or combination of flags

Current Behavior

The app is showing the usage with no error message, as follows:

$ mole -remote :443
usage:
  mole [-v] [-local [<host>]:<port>] -remote [<host>]:<port> -server [<user>@]<host>[:<port>] [-key <key_path>]
  mole -alias <alias_name> [-v] [-local [<host>]:<port>] -remote [<host>]:<port> -server [<user>@]<host>[:<port>] [-key <key_path>]
  mole -alias <alias_name> -delete
  mole -start <alias_name>
  mole -help
  mole -version

  -alias string
        Create a tunnel alias
  -delete
        delete a tunnel alias (must be used with -alias)
  -help
        list all options available
  -key string
        (optional) Set server authentication key file path
  -local value
        (optional) Set local endpoint address: [<host>]:<port>
  -remote value
        set remote endpoint address: [<host>]:<port>
  -server value
        set server address: [<user>@]<host>[:<port>]
  -start string
        Start a tunnel using a given alias
  -v    (optional) Increase log verbosity
  -version
        display the mole version

Affected Version

1.0.1

Expected Behavior

tunnel port

Current Behavior

time="2020-09-12T12:10:35+07:00" level=error msg="error generating ssh client config: error while parsing 'known_hosts' file: C:\Users\meoti\.ssh\known_hosts: knownhosts: C:\Users\meoti\.ssh\known_hosts:21: illegal base64 data at input byte 140" tunnel="[channels:[[source=127.0.0.1:5432, destination=127.0.0.1:5432]], server:xx.xx.xx.xx:22]"

Steps to Reproduce

start command: mole start local --source :5432 --source :6379 --destination :5432 --destination :6379 --server server on windows 10, and git bash (https://git-scm.com/downloads)

Add a -detach argument to the CLI to flag the application must be detached from the current terminal and run in background. User should be able to redirect stdout and stdin to log files for auditing purposes

Affected Version

Latest commit (843dce7)

Expected Behavior

First try running on Windows 10 under cygwin I created an alias which I then try to use.
mole -alias ldlc_minishift -remote 192.168.99.100:8443 -server [email protected] -key $(cygpath -m ~/.ssh/id_rsa)
mole -start ldlc_minishift

I expect connect to succeed.

Current Behavior

mole fails to find known_hosts file because of horrible Windows pathnames!

time="2018-10-22T18:59:30+02:00" level=info msg="listening on local address"
local_address="127.0.0.1:28302"
time="2018-10-22T19:02:19+02:00" level=error msg="error generating ssh client config: error while parsing 'known_hosts' file: C:\tools\cygwin\home\windo\.ssh\known_hosts: open C:\tools\cygwin\home\windo\.ssh\known_hosts: The system cannot find the path specified." tunnel="[local:127.0.0.1:28302, server:192.168.0.40:22, remote:192.168.99.100:8443]"

Steps to Reproduce

1. On Windows/Cygwin: Create an alias with, for example
   mole -alias ldlc_minishift -remote 192.168.99.100:8443 -server [email protected] -key $(cygpath -m ~/.ssh/id_rsa)

2.On Windows/Cygwin: Start with that alias, for example
mole -start ldlc_minishift

Obviously this is a work-around for a Windows pathname problem but the --ignore-known-hosts option could be useful more generally.

A work around for the specific Windows pathname problem is welcome.

Affected Version

099b47a

Expected Behavior

Validate the input given through -remote flag and fail the application if the address port is not given.

Current Behavior

Accepting value on -remote without port and failing when the client tried to connect to the remote endpoint.

Steps to Reproduce

1. Build master @ 099b47a
2. Start test-env

$ make test-env

3. Start mole with a remote set without port

$ ./mole -v -insecure -local :21112 -remote 192.168.33.11 -server [email protected]:22122 -key test-env/ssh-server/keys/key -keep-alive-interval
 2s
DEBU[0000] cli options                                   options="[local=:21112, remote=192.168.33.11, [email protected]:22122, key=test-env/ssh-server/keys/key, verbose=true, help=false, version=false, detach=false]"
DEBU[0000] using ssh config file from: /Users/davidrodrigues/.ssh/config
DEBU[0000] server: [name=127.0.0.1, address=127.0.0.1:22122, user=mole]
DEBU[0000] tunnel: [channels:[[local=127.0.0.1:21112, remote=192.168.33.11]], server:127.0.0.1:22122]
DEBU[0000] new connection established to server          server="[name=127.0.0.1, address=127.0.0.1:22122, user=mole]"
INFO[0000] tunnel is ready                               local="127.0.0.1:21112" remote=192.168.33.11

4. Try to connect to 192.168.33.11:21112

$ curl 127.0.0.1:21112
curl: (56) Recv failure: Connection reset by peer

5. Go back to where mole is executing and you should see the following error

DEBU[0006] new connection                                address="127.0.0.1:65460"
ERRO[0006] remote dial error: address 192.168.33.11: missing port in address  tunnel="[channels:[[local=127.0.0.1:21112, remote=192.168.33.11]], server:127.0.0.1:22122]"

The mole add alias --help command shows the usage with local tunnel type only.
It rather should [tunnel_type] since the user can create an alias for both local and remote port forwarding.

Once that is done, the long description should have a reference to the accepted values for tunnel type (i.e. local and remote) and a brief description what they are.

It would be great if there is a way to disable StrictHostKeyChecking in the SSH config file like below.

Host example
  User mole
  Hostname 127.0.0.1
  Port 22122
  StrictHostKeyChecking no
  UserKnownHostsFile=/dev/null
  IdentityFile test-env/ssh-server/keys/key

My use case is that I deploy a lot of SSH servers where the bastion's IP either keep on changing (due to security) or when working on temporary environments.

It will be great if mole could run on Windows operating system, have anyone tried to build it for Windows?

Would be nice if aliases can be loaded off a configuration like ~/.mole/aliases.config or something.

• It'll be easier to share config across colleagues
• It'll be easier to bulk edit aliases at the same time if there are any changes that apply to all or most of them

Definitely can live with the current way of doing things, thought this could be more convenient. If such a thing already exists, do point me towards that

Affected Version

v1.0.0

Expected Behavior

Respect the values of the verbose, insecure and detach flags when

Current Behavior

Verbose, insecure and detach flags are set to true in the alias but not active when using start alias

Steps to Reproduce

1. Start the test environment

make test-env

2. Create an alias passing --verbose, --insecure, --detach

mole start local \                                                                 
  --verbose \                                                                      
  --insecure \  
  --detached \                                                                   
  --source :21112 \                                                                                                                                
  --destination 192.168.33.11:80 \
  --server [email protected]:22122 \                                                  
  --key test-env/ssh-server/keys/key \                                             
  --keep-alive-interval 2s 

3. Check the flag values persisted in the alias file

cat ~/.mole/test-env.toml 
type = "local"
verbose = true
insecure = true
detach = true
source = [":21112"]
destination = ["192.168.33.11:80"]
server = "[email protected]:22122"
key = "test-env/ssh-server/keys/key"
keep-alive-interval = "2s"
connection-retries = 3
wait-and-retry = "3s"
ssh-agent = ""
timeout = "3s"

4. Start a tunnel using the alias and observer the new tunnel will not be verbose (no debug messages), insecure (skip host validation) and detached (running in background) as configured

mole start alias test-env
INFO[0000] tunnel channel is waiting for connection      destination="192.168.33.11:80" source="127.0.0.1:21112"

App should allow to specify multiple -remote, so user could access multiple services through the same tunnel, reusing the same connection.

Example:

$ mole -remote host1:3306 -remote host2:80 -remote host2:443 -server my-ssh-server
INFO[0000] listening on local address                    remote="host1:3306", local_address="127.0.0.1:64723"
INFO[0000] listening on local address                    remote="host2:80", local_address="127.0.0.1:64724"
INFO[0000] listening on local address                    remote="host2:443", local_address="127.0.0.1:64725"

If multiple -remote are specified, then -local can't be used.

let me know if anyone has another suggestion for how to specified the local port for each host without combining -remote and -local in one single flag).

Interesting tool @davrodpin!

I'd expect a tool for managing SSH tunnels to support reverse (ssh -R) and dynamic (ssh -D) tunnels.

Reverse tunnels could be implemented by a -reverse flag that causes ssh to be spawned with -R instead of -L.

Dynamic tunnels could be implemented by a -dynamic flag with makes mole not need(in fact should error if it is present) the -remote flag.

Affected Version

0.5.0, also tested 0.4

Expected Behavior

Tunnel should be set up.

Current Behavior

When launching mole, it crashes and outputs:
ERRO[0000] error generating ssh client config: extra data in encoded key tunnel="[channels:[[local=127.0.0.1:8080, remote=127.0.0.1:8080]], server:IP:22]"

Steps to Reproduce

1. Open a WSL (Windows Subsystem for Linux) terminal
2. Run:

mole -v -local :8080 -remote :8080 -server someserver

Output:

DEBU[0000] cli options                                   options="[local=:8080, remote=:8080, server=someserver, key=, verbose=true, help=false, version=false, detach=false, insecure=false, keep-alive-interval=10s, timeout=3s, connection-retries=3, retry-wait=3s]"
DEBU[0000] using ssh config file from: /home/username/.ssh/config
DEBU[0000] server: [name=someserver, address=123.123.123.123:22, user=username]
DEBU[0000] tunnel: [channels:[[local=127.0.0.1:8080, remote=127.0.0.1:8080]], server:123.123.123.123:22]
ERRO[0000] error generating ssh client config: extra data in encoded key  tunnel="[channels:[[local=127.0.0.1:8080, remote=127.0.0.1:8080]], server:123.123.123.123:22]"

These four functions seem to have the intention of having identical functionality.

1. If given value is non-empty, return it.
2. Else return resolved value.

However reconcileHostname diverges from this pattern by prioritizing resolvedHostname instead of givenHostname like the others do.

If this is a mistake, I suggest the following function to replace all four of them:

func reconcileValue(given, resolved string) string {
    if given != "" {
        return given
    }
    
    return resolved
}

The feedback below came from a Hacker News discussion:

tjoff
I don't know if it does but I kind of assumed/hoped it did reconnect if a connection drops. But I can't find anything about it so I guess it doesn't.reply | I don't know if it does but I kind of assumed/hoped it did reconnect if a connection drops. But I can't find anything about it so I guess it doesn't.reply

earthscienceman 5 hours ago 
Uh. I run an autossh program on the host in question. It auto-runs ssh connections when they drop, including tunnels. https://www.everythingcli.org/ssh-tunnelling-for-fun-and-profit-autossh/

This might be a good feature to implement, maybe a new optional flag to indicate how many consecutive attempts should be made before giving up.

https://blog.golang.org/using-go-modules

New command to install auto completion for bash and zsh very similar to what kubectl does