Created
October 23, 2020 19:04
-
-
Save mRB0/c4026257b53c8bc978dc3a30113d5292 to your computer and use it in GitHub Desktop.
SSH config for easier access to a remote host via ssh proxy, with meaningful hostnames
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Some ~/.ssh/config things I've been experimenting with. | |
| # | |
| # I need to ssh to a host (bastion) on a public IP address, and then proxy | |
| # through that host to reach another host (inner, private IP 10.0.0.53). | |
| # | |
| # This method allows me to: | |
| # | |
| # 1. Keep my private ssh key local (not stored on bastion) | |
| # 2. Avoid using agent forwarding (for strict control of how my key | |
| # can be used) | |
| # 3. Give meaningful names (aliases) to the IP addresses I'm connecting to. | |
| # 4. Use other ssh-connecting tools to "directly" connect to inner, eg. | |
| # scp/sftp. | |
| # This prevents my connections from idling out with some reliability. | |
| Host * | |
| ServerAliveInterval 15 | |
| ServerAliveCountMax 8 | |
| TCPKeepAlive no | |
| Host project-bastion | |
| HostKeyAlias project-bastion | |
| Hostname 93.184.216.34 | |
| User mrb0 | |
| LocalForward 44126 10.0.0.53:22 | |
| # Requires tunnel established first via project-bastion | |
| Host project-inner | |
| HostKeyAlias project-inner | |
| Hostname 127.0.0.1 | |
| Port 44126 | |
| User mrb0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment