The World According To Vissie

User Tools

Site Tools

Trace:
ssh

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
ssh [2021/07/06 04:55] – created vissiessh [2021/10/06 03:19] (current) – [CentOS] vissie
Line 232: Line 232:
  
 Happy days... Happy days...
 +
 +
 +====ProxyJump====
 +The ProxyJump, or the -J flag, was introduced in ssh version 7.3. To use it, specify the bastion host to connect through after the -J flag, plus the remote host:
 +  ssh -J <bastion-host> <remote-host>
 +You can also set specific usernames and ports if they differ between the hosts:
 +  ssh -J user@<bastion:port> <user@remote:port>
 +The ssh man (or manual) page (man ssh) notes that multiple, comma-separated hostnames can be specified to jump through a series of hosts:
 +  ssh -J <bastion1>,<bastion2> <remote>
 +
 +====Hard-coding proxy hosts in config====
 +The -J flag provides flexibiltiy for easily specifying proxy and remote hosts as needed, but if a specific bastion host is regularly used to connect to a specific remote host, the ProxyJump configuration can be set in ~/.ssh/config to automatically make the connection to the bastion en-route to the remote host:
 +<sxh bash; gutter: false>
 +### The Bastion Host
 +Host bastion-host-nickname
 +  HostName bastion-hostname
 +
 +### The Remote Host
 +Host remote-host-nickname
 +  HostName remote-hostname
 +  ProxyJump bastion-host-nickname
 +Using the example configuration above, when an ssh connection is made like so:
 +</sxh>
 +  ssh remote-host-nickname
  
 =====Reverse proxy===== =====Reverse proxy=====
Line 240: Line 264:
  
 Remote port 7000 will be created from localhost on port 5901 into remote server that has ssh on 1234 Remote port 7000 will be created from localhost on port 5901 into remote server that has ssh on 1234
 +  vim ./port_forward.sh
 +<sxh bash; gutter: false>
 +#!/bin/bash
 +## for kvm setups
 +#ssh -p1234 myserver.ip.add -L 5901:127.0.0.1:5901
 +
 +# For my IP cameras https://127.0.0.1:5000/
 +#ssh -L 5001:192.168.1.22:443 sshservername
 +# For my IP cameras https://127.0.0.1:5000/
 +ssh -L 5000:192.168.1.23:80 sshservername 
 +
 +# For zmninja
 +#ssh -L 5000:192.168.1.2:1234 sshservername
  
 +# My Router
 +#ssh -L 5000:192.168.1.1:80 sshservername
 +</sxh>
ssh.1625572516.txt.gz · Last modified: 2021/07/06 04:55 by vissie

Page Tools