I've been trying this for a long time and I have not yet found a good solution. I have several servers behind a NAT that all run an SSH daemon. One of the machines is my main server, which gets the SSH port forwarded to it. What I want is basically to open a connection to other NATed servers by going through the main server, similar to what I can achieve by opening a connection to the main server and then SSHing into the destination. Since there are some applications that run on top of SSH, I'd like to automate this in order to run rsync or git on top of the connection itself.
Is there a reverse proxy for SSH?
Answer
You can do this using ProxyCommand and netcat in .ssh/config:

    # Your 'gateway' server.
    Host gateway

    # Any other server.
    Host server1
        ProxyCommand ssh gateway /bin/netcat %h %p

If you do ssh server1, you will open an SSH connection from your current location to your 'gateway' server, which will open a TCP connection to server1. This TCP connection will serve as the connection for SSH between your current location and server1.
Edit: This technique is commonly called 'ssh jumphost'.
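For comparison, an added example (not part of the original answer) of the same jump-host setup using OpenSSH's built-in ProxyJump option (OpenSSH 7.3 and later), which does not need netcat on the gateway. The host names, user name and private addresses are constructed placeholders.

```sshconfig
# ~/.ssh/config on the client (constructed example; names and addresses are assumptions)

# The only machine reachable from outside: the NAT forwards the SSH port to it.
Host gateway
    HostName gateway.example.org
    User alice
    # The gateway only relays TCP, so it needs neither your agent nor X11.
    ForwardAgent no
    ForwardX11 no

# Machines behind the NAT. HostName is the address as seen from the gateway,
# because the gateway's sshd is what opens the TCP connection to it.
Host server1
    HostName 192.168.1.11
    User alice
    ProxyJump gateway

Host server2
    HostName 192.168.1.12
    User alice
    ProxyJump gateway

# On OpenSSH older than 7.3 (but 5.4 or later), replace "ProxyJump gateway" with:
#     ProxyCommand ssh -W %h:%p gateway
# Both forms use a forwarded TCP channel, so the gateway's sshd_config must
# permit it (AllowTcpForwarding, which defaults to yes).

# Anything that runs over ssh then picks up the hop from this file:
#     ssh server1
#     rsync -a ./site/ server1:/srv/site/
#     git clone server1:repos/project.git
```

The SSH session to server1 is negotiated end to end between the client and server1, so server1's host key is checked on the client and the gateway only carries the encrypted stream.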