There was a post on my own blog in February about how to log in directly to lab machines, hopping through Lee in a transparent way. Proxy SSH was described in this helpful article. It consists of running “nc” (netcat) on one machine to pass all of the ssh connection onto another machine.
It depends on public-key authentication and a behind-the-scenes proxy authentication so you don’t have to log in twice. Using the .ssh/config file to automate the details, once setup you don’t even see the proxy.
- Your login name is pikachu;
- and created a key pair id_rsa_pikachu/id_rsa_pikachu.pub;
- you wish to proxy through lee to get to shiloh.
Add id_rsa_pikachu.pub to lee:~/.ssh/authorized_keys. Since shiloh and lee share your home directory, shiloh now knows this public key as well. In the .ssh/config on your local machine, add:
ProxyCommand ssh -o StrictHostKeyChecking=no lee nc %h 22
Then from you local machine log into shiloh with “ssh shiloh”. As a bonus, scp’s such as scp this-file shiloh:that-file will work as well.