hareeshpc/Setup Bastion Host.md

Last active January 29, 2018 20:31

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/hareeshpc/d2356252268c8f8db1606d07a298e255.js"></script>
Save hareeshpc/d2356252268c8f8db1606d07a298e255 to your computer and use it in GitHub Desktop.

Download ZIP

Raw

Setup Bastion Host.md

Reference

https://www.nadeau.tv/ssh-with-a-bastion-host/

One Liner

ssh -o ProxyCommand='ssh -W %h:%p user@bastion' user@target

Config based

To let scp/rsync/debuuger connect, edit your ~/.ssh/config file to define the proxy command and other params. For example:

Host bastion  # if bastion is not in your /etc/hosts
  Hostname my-bastion-host.example.com

Host my_server  
  Hostname 10.0.1.18 # Not really needed
  ProxyCommand ssh bastion -W %h:%p

then you can use: $ ssh my_server

Two things:

Make sure your keys are available in the authorized keys of the target.
On the bastion, set option PermitTunnel yes in the /etc/ssh/sshd_config. Restart ssh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment