Friday, June 21, 2013

Using ssh's ProxyCommand and netcat to access Servers with no Public IP

It is not unusual to have servers with no public IP address.  In some cases you can access these servers via VPN, or utilize alternate ports for SSH, but sometimes that is just inconvenient and you need to hop through another server.  This can be accomplished using the ssh ProxyCommand configuration directive in ~/.ssh/config, and netcat.

For example, if I can ssh to 'machine-a', and from machine-a can ssh to 'machine-b', I could add the following to my ~/.ssh/config file:

Host machine-b
    ProxyCommand ssh -q machine-a nc -q0 machine-b 22

I would then use 'ssh machine-b' from the command line to tunnel through machine-a.
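
The same hop written with ssh's own forwarding instead of netcat, as an added example that is not part of the original post. It assumes OpenSSH 5.4 or later on the client for -W (7.3 or later for ProxyJump) and reuses the post's host names.

```sshconfig
# Added example, not from the original post. Host names are the post's.
# ssh expands %h to the target host name and %p to the target port.

Host machine-b
    # OpenSSH 5.4+: ssh -W relays stdin/stdout to %h:%p itself, so
    # machine-a needs no netcat. The name in %h is resolved on machine-a.
    ProxyCommand ssh -q -W %h:%p machine-a

    # Equivalent on OpenSSH 7.3+ (use instead of the ProxyCommand line):
    # ProxyJump machine-a

    # The post's netcat form with tokens instead of a hard-coded target;
    # -q0 is not accepted by every netcat implementation:
    # ProxyCommand ssh -q machine-a nc -q0 %h %p

    # The machine-b session runs end to end from this client, so
    # machine-a relays only ciphertext and the agent can stay local.
    ForwardAgent no
```

With any of these forms, machine-b's host key is checked against the known_hosts file on the client, not on machine-a.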
