A while ago in the Transparent SSH host-jumping (Advanced) post I
described a technique on how one could jump quite effortlessly through a chain
of intermediate hosts. However, there was a catch: the user names and ports
across the whole chain should be the same and there was no easy way to change
Given that I recently paid quite a lot of attention to the ProxyCommand
directive I decided to look into the implementation of the helper script that
will allow one to tweak parameters for the hosts in the chain.
I was involved in the creation of the sshephalopod project, which was an
attempt to build an enterprise level authentication framework for SSH
authentication using the SSH CA feature.
The project is based on a wrapper script that signs a user in via a SAML identity
provider and gets the user’s public key signed for further use.
In one of the discussions I pointed out that such a wrapper script is not good
for the end user experience and I proposed to provide the users with an excerpt
for their ssh config file, so the functionality of sshephalopod would be
time 5 min.
In this brief article I am going to describe how I resolved a nagging issue I
had with setting up access to hosts which are not directly reachable, but where
you need to forward your connection through an intermediate host.
Previously, I was using the local SSH port-forwarding technique (although I
was configuring hosts I connect to in the ~/.ssh/config file instead of
using the command-line options). However, this approach turned out to be quite
inconvenient since every time I wanted to connect to a new host (and, possibly,
through a new intermediate host) I had to edit my
time 6 min.
I think all of you are using SSH in your daily routines. However, do you use
its full potential? Today’s topic is the SSH port-forwarding feature and how
it can be used to achieve some interesting configurations.
I’m sure most of you are aware of the feature, but how many of you are using
it? Personally, I’m a bit obsessed with it and have found numerous cases where
this feature of SSH is a real life saver.
Let’s start with simple things and imagine that you have a server where you
are running MySQL (as a
time 2 min.