RJ / www.metabrew.com

Static site generation for my blog
0 stars 0 forks source link

ssh hack: connect directly to machine via a firewall box #9

Open RJ opened 3 years ago

RJ commented 3 years ago

Written on 11/17/2008 17:44:44

URL: http://www.metabrew.com/article/ssh-hack-connect-directly-to-machine-via-a-firewall-box

RJ commented 3 years ago

Comment written by Torsten Curdt on 11/18/2008 01:22:47

A simpler version http://vafer.org/blog/20061... enough for most things.

RJ commented 3 years ago

Comment written by RJ on 11/18/2008 21:25:46

Torsten, thanks, that is indeed simpler if you just need a shell.
The -oproxycommand method will transparently deal with port forwards etc for you tho, which is nice. I can still pass any of the -X, -L, -R options and it just works.

scp will work in the same way, so you can create another file "/usr/bin/sscp" and be able to copy files from remote hosts direct to your desktop via a firewall machine.

RJ commented 3 years ago

Comment written by Steven Roussey on 01/29/2009 20:05:22

The only times I don't have a VPN is on a Windows machine. I wish putty did this...

RJ commented 3 years ago

Comment written by john.jones.name on 02/21/2009 18:29:07

Nice will be tring this out as well !
thanks for the tip

John

RJ commented 3 years ago

Comment written by Chris Jones on 03/13/2009 03:11:13

See also the ProxyCommand ssh config option. Saves the need for the script and the little mental step of deciding to use a different ssh/scp/sftp call :)

$ cat ~/.ssh/config
Host gateway.company.com
ProxyCommand none
Host *.company.com my-private-host
ProxyCommand ssh myuser@gateway.company.com nc -q0 %h %p
$

RJ commented 3 years ago

Comment written by Chris Jones on 03/13/2009 03:18:40

(by which I mean, it's kinda cute to have that option in your config file - I appreciate it's functionally the same as what you have)

RJ commented 3 years ago

Comment written by RJ on 03/23/2009 20:04:20

Another useful trick is "ssh -tt" which forces tty allocation, so instead of the above you can do the following:
ssh -tt firewall.example.com ssh -tt my-vm

this opens an ssh terminal to the remote machine. You can also pass commands, so to reattach to a remote screen session you can do:

ssh -tt firewall.example.com ssh -tt my-vm screen -x

RJ commented 3 years ago

Comment written by Georges Dupéron on 05/26/2010 13:45:06

You should use "$@" instead of $*

Say you use :
sssh "param one with spaces" p2

$* will yield ssh -openblabla "param" "one" "with" "spaces" "p2"
"$@" will yield ssh -openblabla "param one with spaces" "p2"

RJ commented 3 years ago

Comment written by escorte on 03/20/2012 19:18:15

I wanted to say thanks to you for this great read!! I ve got you bookmarked to see new stuff you post.

RJ commented 3 years ago

Comment written by driveway cleaning sydney on 05/07/2012 06:44:45

good post! Full of valuable info! Keep up the good job!