Include remote forwarding in SSH ProxyCommand

networking ssh port-forwarding
5,194

ProxyCommand is not the same as using ssh server_b ssh server_a. It lets the 2nd ssh client run locally and merely speak the SSH protocol through a tunnel.

So you don't need any forwarding parameters for the jump host, only for the final connection:

Host server_a
    ProxyCommand ssh -W %h:%p server_b
    RemoteForward 6880 server_c:6880

Host server_b
    # no RemoteForward
    # no ForwardAgent, either!

Additionally, if you update your local OpenSSH client to 7.3 or later, you can use the -J option (aka ProxyJump) as a shortcut. For example, this is equal to the above config:

Host server_a
    ProxyJump server_b
    RemoteForward 6880 server_c:6880

The same in command line:

$ ssh -R 6880:server_c:6880 -J server_b server_a
Share:
5,194

Related videos on Youtube

Admin
Author by

Admin

Updated on September 18, 2022

Comments

  • Admin
    Admin over 1 year

    So I have 3 servers:

    • server_a: my target server
    • server_b: a jump server
    • server_c: another server

    Neither server_a or server_b normally have access to server_c at all. However I can use the magic of remote forwarding to provide server_c with a specific port on server_a. The following command accomplishes this:

    ssh -t -A -R 6880:server_c:22 server_b ssh -t -A -R 6880:localhost:6880 server_a

    I want to convert this bulky command into equivalant ssh_config settings. I can get the basic ssh/scp connection working through the use of a proxy command:

    host server_b
  Hostname 192.X.X.X
  User john
  IdentityFile /path/to/identity_file
  ForwardAgent yes

Host server_a
  Hostname 172.X.X.X
  User john
  ProxyCommand ssh -W %h:%p server_b

    But the above configs don't do any remote forwarding, and server_a doesn't have access to server_c at all. I tried adding in RemoteForward lines to accomplish this:

    host server_b
  Hostname 192.X.X.X
  User john
  IdentityFile /path/to/identity_file
  ForwardAgent yes
  RemoteForward 6880 server_c:22

Host server_a
  Hostname 172.X.X.X
  User john
  ProxyCommand ssh -W %h:%p server_b
  RemoteForward 6880 localhost:6880

    If I ssh directly into server_b, it seems like the remote forwarding to server_c is fine, but when I ssh straight into server_a from my laptop, access to server_c through the remote forward doesn't seem to work.

    Any suggestions would be appreciated

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

SSH to home computers
ssh -L (error: bind: Address already in use)
Remotely access a Raspberry PI
SSH into remote computer from home (Port foward)
Can't access VMware virtual machine through SSH
How can I SSH into home computer from internet
SSH gateway server
I keep on getting a error when I connect to a ssh tunnel on putty
SSH: Troubleshooting "Remote port forwarding failed for listen port" errors
Accessing to a remote PostgreSQL server using port forwarding to another machine