Ssh jumphost
wordpress meta
title: 'SSH JumpHost'
date: '2017-09-29T09:53:43-05:00'
status: publish
permalink: /ssh-jumphost
author: admin
excerpt: ''
type: post
id: 1129
category:
- SSH
tag: []
post_format: []
title: 'SSH JumpHost'
date: '2017-09-29T09:53:43-05:00'
status: publish
permalink: /ssh-jumphost
author: admin
excerpt: ''
type: post
id: 1129
category:
- SSH
tag: []
post_format: []
Newer versions of ssh simplified the ProxyCommand directive a little in config files with ProxyJump directive.
A command line ProxyCommand may work like this for you:
$ ssh -i private_key -o "ProxyCommand ssh -W %h:%p -i private_key user@<jumphost IP address" user@<private IP address>
Config file entries like this:
$ more config
Host gw01
HostName <jumphost IP>
User <username>
IdentityFile /full/path/private_key
Host server1
HostName 10.2.3.3
ProxyJump gw01
User <username>
IdentityFile /full/path/private_key
Using ssh config you can simply ssh like this:
$ ssh server1
Or better if you have many projects using ssh with a custom config file:
$ ssh -F my-config server1
Note: I am not able to use ProxyJump as a command line one liner with the -J flag when I have private keys on both the JumpHost and Private Host. For example below does not specify the -i for the jump host and not sure it will accept it command line.
$ ssh -i key -J user@public-IP user@private-IP
Couple examples of scp using the config file and/or jumping:
rrosso@rrosso-VirtualBox:~/.ssh$ scp -F my-config -oProxyJump=gw01 /media/antergos-17.6-x86_64.iso host01:/pool/
rrosso@rrosso-VirtualBox:~/.ssh$ scp -F my-config /media/antergos-17.6-x86_64.iso gw01: