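I'm trying to solve a complex SSH tunneling problem and can't seem to get it fully working.
Put simply:
ME -> bastion:22 -> instance:8500
The bastion uses a different username and key than the instance. I want to be able to reach port 1234 on the instance from localhost:1234
Right now I have the following: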
Host bastion
    HostName bastion.example.com
    ForwardAgent yes
    IdentityFile ~/.ssh/id_ecdsa
    User spanky
Host internal
    ForwardAgent yes
    HostName consul.internal
    IdentityFile ~/.ssh/aws.pem
    ProxyJump bastion
    User ec2-user
    Port 8500
But I don't think I've got it.
The following two commands work, but I'm trying to distill them into a working config:
ssh -L 2222:10.0.0.42:22 bastion.example.com -N -i ~/.ssh/id_ecdsa
ssh -L 8500:localhost:8500 ec2-user@localhost -N -i ~/.ssh/aws.pem -p 2222
Answer 0 (score: 0)
With a recent version of ssh, you should be able to use:
ssh -L1234:localhost:1234 -J spanky@bastion.example.com ec2-user@consul.internal
From man ssh:
-J destination Connect to the target host by first making a ssh connection to the jump host described by destination and then establishing a TCP forwarding to the ultimate destination from there. Multiple jump hops may be specified separated by comma characters. This is a shortcut to specify a ProxyJump configuration directive.
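An ssh_config equivalent of the two working commands in the question, as an added example that is not part of the original question or answer. It assumes sshd on the instance listens on port 22 (as in the first command), that consul.internal resolves from the bastion, and that the port to forward is 8500 (as in the second command).

```sshconfig
# ~/.ssh/config (added example; host names and key paths are those from the question)

Host bastion
    HostName bastion.example.com
    User spanky
    IdentityFile ~/.ssh/id_ecdsa
    # Offer only the key named above, not every key loaded in the agent.
    IdentitiesOnly yes

Host internal
    # With ProxyJump the bastion opens the TCP connection, so this name
    # is resolved on the bastion, not on the client.
    HostName consul.internal
    User ec2-user
    IdentityFile ~/.ssh/aws.pem
    IdentitiesOnly yes
    ProxyJump bastion
    # No "Port 8500" here: Port is the sshd port on the instance (22 by
    # default). The service port belongs in LocalForward instead.
    LocalForward 8500 localhost:8500
    # Fail at startup if local port 8500 cannot be bound, rather than
    # leaving a session open without the forward.
    ExitOnForwardFailure yes
    # No ForwardAgent: with ProxyJump both hops authenticate from the
    # client, so neither private key nor the agent socket has to be
    # exposed on the bastion.

# Usage: ssh -N internal
# then connect to localhost:8500 on the client.
```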