ssh proxy jump post

Context

2 machines:

  • one public, available on internet: bastion-server
  • one private, not available on internet: private-server

The public machine is allowed to connect to the private one over SSH.

Setup ssh config

The trick is to use the ProxyJump directive in .ssh/config:

Host bastion-server
    User pi
    Hostname bastion-server.com
    Port 22

Host private-server
    User ben
    Hostname private-server.com
    ProxyJump bastion-server

NB: your public SSH key must be added to both servers, for instance with the ssh-copy-id command.

Usage

We can now execute remote commands on the private server, jumping through the bastion server.

ssh private-server hostname

You can use that to add your computer's current public IP address to the ufw rules on the private server. This can be useful when working with a mobile phone as an access point:

IP=$(curl -s https://ifconfig.me) && DATE=$(date +%Y-%m-%d_%T) \
  && echo "adding $IP to ufw at $DATE" \
  && ssh private-server sudo ufw allow from "$IP" comment "ben-sosh-$DATE" \
  && ssh private-server sudo ufw status numbered
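The value returned by ifconfig.me ends up inside a command that the remote shell parses and runs under sudo, so it is worth checking that it really is an IP address before sending it. The script below is an added example, not part of the original post: it accepts IPv4 only, and the function names, the --apply switch and the https:// lookup URL are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example (hypothetical helper names): validate the looked-up address
# before it is placed in the remote "sudo ufw" command line.

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # digits and single dots only
    esac
    rest="$1." count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}
        rest=${rest#*.}
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        count=$((count + 1))
    done
    [ "$count" -eq 4 ]
}

# Print the remote command, or fail if either value could be reinterpreted
# by the remote shell (ssh joins its arguments and the remote side re-parses them).
ufw_allow_cmd() {
    ip=$1 tag=$2
    is_ipv4 "$ip" || { echo "refusing: not an IPv4 address: $ip" >&2; return 1; }
    case "$tag" in
        ''|*[!A-Za-z0-9_.:-]*) echo "refusing: unsafe comment: $tag" >&2; return 1 ;;
    esac
    printf 'sudo ufw allow from %s comment %s' "$ip" "$tag"
}

# Only touch the network when explicitly asked to.
if [ "${1:-}" = "--apply" ]; then
    # -f makes curl fail on an HTTP error instead of returning the error page.
    ip=$(curl -fsS --max-time 10 https://ifconfig.me) || exit 1
    cmd=$(ufw_allow_cmd "$ip" "ben-sosh-$(date +%Y-%m-%d_%T)") || exit 1
    echo "running on private-server: $cmd"
    ssh private-server "$cmd" && ssh private-server sudo ufw status numbered
fi
```

If the phone hands out an IPv6 address, the script refuses rather than guessing; extend the check before relying on it in that setup.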

Source

https://www.syloe.com/rebonds-ssh/

Categories: linux, ssh