Open radix opened 6 years ago
In order to use jump hosts with Krypton, you have to use a slightly different config (the ProxyJump
shorthand doesn't use krssh
to parse the server signature, so we have to write out the full ProxyCommand
).
We have a guide to set this up here: https://krypt.co/docs/ssh/using-a-bastion-host.html
Please let us know if you have any questions.
I have an ssh setup where I connect to a bunch of different hosts, and also connect to some hosts via ProxyJump. This means I have to authorize a LOT of connections with my phone -- the ProxyJump ones in particular can't get cached at all, because they don't have any hostname associated with them. I believe this is a limitation of the ssh-agent protocol or openssh client.
I have resorted to just choosing "Never ask" and disabling "Always ask for unknown hosts" in my krypton app's settings, but I consider this a reduction in security. What I want is a way to allow all connections from a particular device for a limited time. I don't believe there's a way to do that currently.