tunnel configuration in .ssh/config

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Dear all,
to connect via a proxy to a target machine using a ssh tunnel, I have
a script that works fine like this:

ssh -M -S /tmp/sshtunnel.ctl -Y -N -f -L 1312:target.com:2222
ssh -p 1312 -X -Y target-login@localhost
ssh -S /tmp/sshtunnel.ctl -O exit proxy.com

Would it be possible to translate this into a .ssh/config entry?
I started writing somethng like:

Host target
    HostName target.com
    User target-login
    LocalForward 1312 proxy.com:2222

but it doesn't work..

Many thanks

Re: tunnel configuration in .ssh/config

iltommi schrieb:
Quoted text here. Click to load it

You can find information on -M -S options in man ssh. You will find a
reference to man 5 ssh_config, description of ControlMaster, ControlPath
for details.

Nevertheless, you have two ssh-connections in this setup. A simpler way
would be, to type

ssh -At proxy.com ssh target-login@target.com

(if you have publickeyauthentication on proxy.com and target.com)

If you like to use tunnels, you could try

ssh -fL 1312:target.com:2222 proxy.com "sleep 10" ; \
ssh -X -Y -p 1312 target-login@localhost

If you have nc on proxy.com, you could try to write

host target
  HostName target.com
  User target-login
  Port 2222
  ProxyCommand ssh proxy.com nc %h %p

to your ~/.ssh/config and then type

ssh target


Re: tunnel configuration in .ssh/config

Wolfgang Meiners schrieb:
Quoted text here. Click to load it

I think, there will be no X-forwarding in this setup

Quoted text here. Click to load it

here, you should have X-forwarding

Quoted text here. Click to load it

ssh -X -Y target

and you will have X-forwarding. Or add

  ForwardX11 yes
  ForwardX11Trusted yes

to the target-part of ~/.ssh/config
I am not sure, wether you need both ForwardX11 and ForwardX11Trusted or not.

Quoted text here. Click to load it

Re: tunnel configuration in .ssh/config

Quoted text here. Click to load it

Thanks for the answer, in fact my problem was just to "polish" the way
I was connecting to the target machine.

My script work well,
1) it creates a tunnel,
2) then connects trough the tunnel
3) and it even close the tunne once I log out.

I was wondering if it was possible to translate those 3 commands
together inside the .ssh/confg file.

It seems to me that it is not possible, I'll look more in detail the
ControlMaster and ControlPath, but I need also a postcommand to
connect and a postcommand close the tunnel in a clean way.

thanks a lot!


Site Timeline