This article introduces how to ssh-jump on a remote intermediate server(s) to ssh-connect into a target server with a single command.
This article assumes that All machines (including local and remote servers) share the same public and private RSA keys.
This article requires a setting for complete passwordless ssh login, described in the following posts:
Let’s assume that we have a local server (indicated as
Local in the figure) and remote servers (indicated as
R# in the figure),
in which we can use ssh between the two servers directly connected with a green line
(i.e., we can only connect from local to R0 server).
Our goal is to connect from local to any remote server with a single ssh command.
Using ProxyCommand for SSH Tunneling
~/.ssh/config in the local machine and type the following:
$ vim ~/.ssh/config Host * IgnoreUnknown UserKeychain UseKeychain yes AddKeysToAgent yes IdentityFile ~/.ssh/id_rsa Host R0 Hostname %h.postech.ac.kr Port 22 Host R1 Hostname %h.postech.ac.kr Port 22 ProxyCommand ssh -W %h:%p R0 Host R2 R3 Hostname %h.postech.ac.kr Port 22 ProxyCommand ssh -W %h:%p R1 Host R4 Hostname %h.postech.ac.kr Port 22 ProxyCommand ssh -W %h:%p R3
SSH Log-in Using Single Command
~/.ssh/config is set, we can connect to any remote server with a single command.
R4, for example:
$ ssh R4