Skip to content

Ssh jumphost

wordpress meta

title: 'SSH JumpHost'
date: '2017-09-29T09:53:43-05:00'
status: publish
permalink: /ssh-jumphost
author: admin
excerpt: ''
type: post
id: 1129
    - SSH
tag: []
post_format: []

Newer versions of ssh simplified the ProxyCommand directive a little in config files with ProxyJump directive.

A command line ProxyCommand may work like this for you:

$ ssh -i private_key -o "ProxyCommand ssh -W %h:%p -i private_key user@<jumphost IP address" user@<private IP address>

Config file entries like this:

$ more config 
Host gw01
     HostName <jumphost IP>
     User <username>
     IdentityFile /full/path/private_key
Host server1
     ProxyJump gw01
     User <username>
     IdentityFile /full/path/private_key

Using ssh config you can simply ssh like this:

$ ssh server1

Or better if you have many projects using ssh with a custom config file:

$ ssh -F my-config server1

Note: I am not able to use ProxyJump as a command line one liner with the -J flag when I have private keys on both the JumpHost and Private Host. For example below does not specify the -i for the jump host and not sure it will accept it command line.

$ ssh -i key -J user@public-IP user@private-IP

Couple examples of scp using the config file and/or jumping:

rrosso@rrosso-VirtualBox:~/.ssh$ scp -F my-config -oProxyJump=gw01 /media/antergos-17.6-x86_64.iso  host01:/pool/

rrosso@rrosso-VirtualBox:~/.ssh$ scp -F my-config  /media/antergos-17.6-x86_64.iso  gw01: