Please see EDIT #2 for latest findings
I've looked at other similar questions but, unfortunately, none of them seemed to help. This one is the closest and my symptoms are similar.
Here's the issue:
- I am trying to setup the equivalent of
ProxyJumpvia PuTTY, from Windows workstation A to Linux box (MFA protected, password first) B to Linux target C - My proxy command is
plink.exe -agent -l <user> %proxyhost -nc %host:%port\n - Upon initiating a connection to C, I just see a window that says
Starting local proxy command: plink.exe -agent -l B -nc C:22
and simply hangs there.
In PuTTY log I see
Using keyboard-interactive authentication
.Password:
but that password prompt never shows up on screen and the open window won't take any input.
Any suggestions on what I might have missed?
Thanks in advance for all help.
Cheers!
EDIT #1: Upon further experimentation, it turns out this issue has to do with any keyboard-interactive second factor. Even I changed from Azure MFA to Duo, I still see the same behavior.
The output from the remote server is never tied back to the PuTTY terminal - I wonder if plink has anything to do with this, since it's intended behavior is similar to ProxyCommand otherwise. Perhaps something to do with how pipes to and from remote sessions are handled?
EDIT #2: This is almost certainly now an issue with plink and keyboard-interactive authentication. I tried PubKeyAuthentication only as well as GSSAPIAuthentication only and both of them work fine. I then tried PasswordAuthentication only and it failed.
I've updated the post title accordingly.
