This article introduces how to ssh-jump on a remote intermediate server(s) to ssh-connect into a target server with a single command.

This article assumes that All machines (including local and remote servers) share the same public and private RSA keys.

This article requires a setting for complete passwordless ssh login, described in the following posts:

# Connection Example

Let’s assume that we have a local server (indicated as Local in the figure) and remote servers (indicated as R# in the figure), in which we can use ssh between the two servers directly connected with a green line (e.g., we can only connect from local to R0 server).

Our goal is to connect from local to any remote server with a single ssh command.

# Using ProxyCommand for SSH Tunneling

Open up ~/.ssh/config in the local machine and type the following:

$vim ~/.ssh/config Host * IgnoreUnknown UserKeychain UseKeychain yes AddKeysToAgent yes IdentityFile ~/.ssh/id_rsa Host R0 Hostname %h.postech.ac.kr Port 22 Host R1 Hostname %h.postech.ac.kr Port 22 ProxyCommand ssh -W %h:%p R0 Host R2 R3 Hostname %h.postech.ac.kr Port 22 ProxyCommand ssh -W %h:%p R1 Host R4 Hostname %h.postech.ac.kr Port 22 ProxyCommand ssh -W %h:%p R3  # SSH Loggin-In Using Single Command Once ~/.ssh/config is set, we can connect to any remote server with a single command. Connecting from Local to R4, for example: $ ssh R4


Tags:

Categories:

Updated: