When working with enterprises, you're likely going to have to hop through a few tunnels to connect to the host you want to work on – and this can be a very tedious task manually, but it doesn't have to be.
Welcome to the wonderful world of .ssh/config – where, in this example, we'll define a host and jump through another server in order to connect to it.
Start by editing your ~/.ssh/config file (or, creating if you don't have one already). You'll want to add the following block, replacing the variables ($$) with your data as necessary:
Host $$hostname$$ HostName $$hostipaddress$$ User $$hostusername$$ ProxyCommand ssh $$tunnelserver$$ nc %h %p IdentityFile /home/$USER/.ssh/id_rsa IdentitiesOnly yes
In here, we define our host (eg, we can do: "ssh kellysserveronprem"), it will hit this host block. We've told our server the host's real IP address (eg, 188.8.131.52), the username we want to ssh as (eg, "ed"), our identity file for SSH, and to use identities. Then, we have this "ProxyCommand" block – ProxyCommand is what lets us use our tunnel server first, so instead of the ssh path looking like this:
On the backend, here's the "true" path it will take:
It's important to note you're not limited to just one hop here, you may require multiple ProxyCommand targets, and you can specify them all on one line. If you're using something like Visual Studio Code and want to connect to remote instances in an enterprise network, use an sshd config file and your tunnel server like this – it makes life easier when trying to work remotely.
Subscribe to Kuby
Get the latest posts delivered right to your inbox