Well, I don’t know if it’s different with 3.2.1 or on el7, but on my 3.5 with el8 /usr/share/foreman-proxy/.ssh is a symlink to /var/lib/foreman-proxy/ssh.
lrwxrwxrwx. 1 root root 26 Nov 15 2022 /usr/share/foreman-proxy/.ssh -> /var/lib/foreman-proxy/ssh
If that’s different on your server it would be helpful to know.
Yes. That would be the issue I have describe in All remote execution jobs fail immediately with exception last year on 3.1.1 which then lead to the -o ProxyCommand=none added in a later version.
I am not sure, if you can use ProxyJump instead. I guess, internally ssh will just rewrite that into another proxy command and it won’t work either. But I am not sure. You could try.
Otherwise the quick band-aid at the moment would be to change the shell for the foreman-proxy user to /bin/bash. Bug #36456: Not possible to use ProxyJump or ProxyCommand for remote execution. - Foreman Remote Execution - Foreman mentions that there were some concerns about this and I guess you have to make that change each time you run the foreman-installer.
And the patching gets worse after you upgrade to a later version which has the ProxyCommand override on the command line.
Bottom line: it all comes down to what they do with the issue I have opened. Currently, it’s not supported and only possible with some patching… Let’s hope someone comes up with a solution.
So, technically the quick band-aid at this point would be to change the default