monkeysphere ssh-proxycommand --no-connect should not fail if the host is not directly reachable
one of the common use cases for the --no-connect option to monkeysphere ssh-proxycommand is to layer the tool into some other ProxyCommand.
often other (non-monkeysphere) ProxyCommands are used for so-called JumpHosts, where the target server is not directly reachable from the client (due to firewalls, etc).
For example, a simple monkeysphere-enabled ProxyCommand to get through a jumphost might look like @-oProxyCommand='msjump jumphost.example %h %p'@:
#!/bin/sh # usage: ssh -oProxyCommand='msjump jumphost.example %h %p' jumphost="$1" host="$2" port="$3" monkeysphere ssh-proxycommand --no-connect "$host" "$port" && ssh "$jumphost" nc "$host" "$port"
However, if a user uses this when the final destination is unavailable, we see this message, and the ssh connection fails:
target.example: forward host lookup failed: Unknown host : Connection timed out ssh_exchange_identification: Connection closed by remote host
This is likely because of the ssh-keyscan step of monkeysphere ssh-proxycommand.
it seems to me like the presence of --no-connect should either:
prevent the ssh-keyscan from happening at all, or
permit the ssh-keyscan process to fail without triggering an overall error
(from redmine: created on 2009-12-09)