benyanke · October 27, 2017 22:13
diff --git a/SSH Config Example b/SSH Config Example
 # Example SSH configuration file for bastion host SSH passthrough
 # These lines would go in a file such as ~/.ssh/config

 # No keys are exposed to `middleman` or `home`, they only proxy the encrypted traffic.

 #########################
 # Basic example
 #########################

 Host middleman
        User    johndoe
        HostName middleman.example.com

        # This key is used to connect to [middleman]
        IdentityFile    ~/.ssh/keys/middlemankey

 Host endpoint
        User    johndoe
        HostName endpoint.example.com

        # This key is used to connect to [middleman]
        IdentityFile    ~/.ssh/keys/endpointkey

        ProxyCommand ssh middleman nc %h %p



 #########################
 # Real life example
 #########################
 # Note that the hostname is calculated from the perspective
 # of the middleman host. Therefore, you can use any IP available
 # to the middle system

 # This example allows you to run `ssh desktop` from anywhere, and it will
 # connect, provided your home server is accessable.

 # Your home server, running on your LAN with port 22 exposed
 # via NAT forwarding
 Host home
        User    johndoe
        HostName home.example.com

        # This key is used to connect to [middleman]
        IdentityFile    ~/.ssh/keys/middlemankey

 # Your home desktop, only on your LAN
 Host desktop
        User    johndoe
        HostName 192.168.1.2

        # This key is used to connect to [middleman]
        IdentityFile    ~/.ssh/keys/desktopkey

        ProxyCommand ssh home nc %h %p
        
        
        
 # These can nest infinitely deep, so by way of example, you
 # could use the following command to SSH directly into a VM running on 
 # your desktop, while the VM's network is only accesable from directly
 # on the desktop, not the rest of the home LAN
 # Your home desktop, only on your LAN

 # This would tunnel your traffic through [home]->[desktop]->[desktopvm].

 Host desktopvm
        User    johndoe
        HostName 10.10.10.2

        # This key is used to connect to [middleman]
        IdentityFile    ~/.ssh/keys/vmkey

        ProxyCommand ssh desktop nc %h %p
	# Example SSH configuration file for bastion host SSH passthrough
	# These lines would go in a file such as ~/.ssh/config

	# No keys are exposed to `middleman` or `home`, they only proxy the encrypted traffic.

	#########################
	# Basic example
	#########################

	Host middleman
	User johndoe
	HostName middleman.example.com

	# This key is used to connect to [middleman]
	IdentityFile ~/.ssh/keys/middlemankey

	Host endpoint
	User johndoe
	HostName endpoint.example.com

	# This key is used to connect to [middleman]
	IdentityFile ~/.ssh/keys/endpointkey

	ProxyCommand ssh middleman nc %h %p



	#########################
	# Real life example
	#########################
	# Note that the hostname is calculated from the perspective
	# of the middleman host. Therefore, you can use any IP available
	# to the middle system

	# This example allows you to run `ssh desktop` from anywhere, and it will
	# connect, provided your home server is accessable.

	# Your home server, running on your LAN with port 22 exposed
	# via NAT forwarding
	Host home
	User johndoe
	HostName home.example.com

	# This key is used to connect to [middleman]
	IdentityFile ~/.ssh/keys/middlemankey

	# Your home desktop, only on your LAN
	Host desktop
	User johndoe
	HostName 192.168.1.2

	# This key is used to connect to [middleman]
	IdentityFile ~/.ssh/keys/desktopkey

	ProxyCommand ssh home nc %h %p



	# These can nest infinitely deep, so by way of example, you
	# could use the following command to SSH directly into a VM running on
	# your desktop, while the VM's network is only accesable from directly
	# on the desktop, not the rest of the home LAN
	# Your home desktop, only on your LAN

	# This would tunnel your traffic through [home]->[desktop]->[desktopvm].

	Host desktopvm
	User johndoe
	HostName 10.10.10.2

	# This key is used to connect to [middleman]
	IdentityFile ~/.ssh/keys/vmkey

	ProxyCommand ssh desktop nc %h %p