123HELPDESK

IT professionals voor ondernemers

ssh via een proxy PDF Afdrukken

ssh Proxy Commando om een tunnel te maken met twee computers (hosts)


See also here

situatie:

[workstation]  -> [jouw_server] -> [gatewayserver] -> [trusted_servers1]

De enige manier om de vertrouwde servers te bereiken is via de gateway-server, die weer is alleen bereikbaar vanuit "jouw server".
SSH kan vanuit je computer direct naar de trusted_server1 komen via de ProxyCommand.
Er wordt een automatische hop gemaakt van workstation naar de trusted_server
 

Van [workstation] login op [tursted_servers1] gebruikmakend van de ssh/ scp commando :

# ssh trusted_server1

of

# scp filename trusted_server1:/home/

Step one: Connect to the gateway server "directly" from the notebook


The following lines added to .ssh/config help to be able to directly login into the gatewayserver from my notebook:


host gatewayserver
user userongatewayserver
Hostname gatewayerver.fqdn
ProxyCommand ssh yourserver nc %h %p 2> /dev/null

As you can see I also had to specify a differnt username, as the one on "yourserver" is different from the one on "gatewayserver". Now I can do

ssh gatewayserver

and I can login directly to it.


Step two: Login to the trustedserver1

Logically we only need to do the same thing again to end at the trustedserver1. Be surprised, it is really that way easy! Just add the following lines to your .ssh/config:

host trustedserver1
   Hostname trustedserver1.fqdn
   ProxyCommand ssh gatewayserver nc %h %p 2> /dev/null

And now my aim is reached,

ssh trustedserver1
 
< Vorige