Create multi-hop SSH tunnel with different user on end machine
5,580
ssh -L 2222:username@host2:22 host1 -N
You don't specify the user here. You specify the user only in the connection, therefore
ssh -L 2222:host2:22 host1_username@host1 -N
or
ssh -p 2222 username@localhost
depends on where the username
belongs.
Related videos on Youtube
Author by
David Cullen
Updated on September 18, 2022Comments
-
David Cullen over 1 year
I have tried creating a multi-hop SSH tunnel using a command like this:
ssh -L 2222:username@host2:22 host1 -N
However, when I try to use the SSH tunnel like this
ssh -p 2222 localhost
I get this error where I run the second command
ssh_exchange_identification: Connection closed by remote host
and this error where I run the first command
channel 2: open failed: administratively prohibited: open failed
What am I doing wrong?
-
David Cullen over 7 yearsThanks. I tried a lot of different things, but I didn't even consider the
username@localhost
idea. -
Excalibur almost 7 yearsI don't think this really answers the question, as the user@host1 is different than the user@host2.
-
Jakuje almost 7 years@Excalibur it does. In the question, there is nothing about different users. But I added different users to show the usernames can be different.
-
Olivier Dulac about 4 years@Excalibur: to explain: the question shows that he can connect to host1 using no name (so using its current name, maybe root, or let's say "localuser"), but then he needed (in his mind) to use a different name,
username
, onhost2
. The 1st ssh creates (-L) a tunnel "toward" host2 port 22(=sshd), but it doesn't access that endpoint (host2:port 22) at this stage. Once it is set in place, the 2nd ssh (ssh -p 2222 username@localhost
) use the setup tunnel to arrive tohost2
's sshd, and at this point only does the incoming ssh need to specify theusername@
he needs to connect to.