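Complex SSH tunnel

Time: 2019-01-23 13:40:51

Tags: ssh-tunnel

I'm trying to work out a complex SSH tunnel and can't seem to get it fully solved.

Simply put:

ME -> bastion:22 -> instance:8500

The bastion uses a different username and key than the instance. I want to be able to access port 1234 on the instance from localhost:1234

Right now I have the following: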

Host bastion
  HostName bastion.example.com
  ForwardAgent yes
  IdentityFile ~/.ssh/id_ecdsa
  User spanky

Host internal
  ForwardAgent yes
  HostName consul.internal
  IdentityFile ~/.ssh/aws.pem
  ProxyJump bastion
  User ec2-user
  Port 8500

But I don't think I've got it.

The following two commands work, but I'm trying to distill them into a working configuration:

ssh -L 2222:10.0.0.42:22 bastion.example.com -N -i ~/.ssh/id_ecdsa
ssh -L 8500:localhost:8500 ec2-user@localhost -N -i ~/.ssh/aws.pem -p 2222

1 answer:

Answer 0: (score: 0)

With a recent version of ssh, you should be able to use:

ssh -L1234:localhost:1234 -J spanky@bastion.example.com ec2-user@consul.internal

From man ssh:

 -J destination
         Connect to the target host by first making a ssh connection
         to the jump host described by destination and then
         establishing a TCP forwarding to the ultimate destination
         from there.  Multiple jump hops may be specified separated by
         comma characters.  This is a shortcut to specify a ProxyJump
         configuration directive.
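
The command in the answer above written as an `~/.ssh/config` fragment, added here as an example and not part of the original question or answer. It assumes sshd on the instance listens on the default port 22 and uses port 1234 as in the answer; put 8500 in `LocalForward` instead if that is the service port.

```sshconfig
# Added example: ssh_config equivalent of the -L/-J command above.
# Assumptions: sshd on the instance listens on port 22; tunnel port 1234.

Host bastion
  HostName bastion.example.com
  User spanky
  IdentityFile ~/.ssh/id_ecdsa
  # Offer only the key named above, not every key in the agent.
  IdentitiesOnly yes
  # No ForwardAgent: ProxyJump authenticates to the next hop from the
  # local machine, so the bastion never needs access to the agent.

Host internal
  # Looked up and dialed from the bastion, not from the local machine.
  HostName consul.internal
  User ec2-user
  IdentityFile ~/.ssh/aws.pem
  IdentitiesOnly yes
  ProxyJump bastion
  # No "Port 8500": Port is the SSH port on the instance, not the
  # service being tunnelled. The service port belongs in LocalForward.
  # "localhost" is resolved on the instance, as in -L1234:localhost:1234.
  LocalForward 1234 localhost:1234
  # Fail instead of leaving a session open without the tunnel.
  ExitOnForwardFailure yes

# Open the tunnel without a remote shell:
#   ssh -N internal
```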