SFTP bootstraps itself by using the subsystem request, and there's the "-s" option in the client to send in different subsystem name. So we should be able to support something like -s "sftp diagnose JOBNAME" to let the server understand the right context.

SCP doesn't use this mechanism, and the only hook is the "-S program" option to specify the path to ssh. Unfortunately, scp invokes ssh with something like "-x -o... -o... -o... – host scp -t ..." and so there's no one liner to convert this to "... – host diagnose JOBNAME scp"

In both cases, these cannot be described in ~/.ssh/config, which makes this painful.

Another possibility is to send environment variable via -oSendEnv=CONTEXT. A wrapper script needs to be provided to actually invoke it with "export CONTEXT=diagnose JOBNAME".

Yet another hack is to use remote-to-local port forwarding as the information carrying mechanism in the host name portion ("-oRemoteForward=9999 ThisCanBeArbitraryText:1234", except ThisCanBeArbitraryText can't really be an arbitrary text because it needs to look like a host name.

Yet another approach is to use "ProxyCommand=ssh -p %p jenkins.acme.com diagnose-tunnel JOBNAME" or something. This first creates an SSH connection to jenkins.acme.com and runs the diagnose-tunnel command with arguments. This can set up the relevant context, then pass on the stream to another SSH server session.

The only downside is that it does double encryption. But the ProxyCommand option can be in ~/.ssh/config, and with the wildcard support in it, the end user experience can be something like:

ssh JOBNAME.jenkins.acme.com