Score:0

ssh TOTP connection with jump host forwarding


How can I simplify this? Perhaps using agent forwarding?

I have an SSH jump host with 2FA via TOTP x2 and a machine which uses 2FA as well (jump host and machine):

ssh [email protected] -L 22222:my_machine.corp.com:22
# requires password + 2FA TOTP code
ssh myuser@localhost -p 22222
# requires password + 2FA TOTP code

How can I ideally simplify this (via SSH config or so) to simply call ssh myhost and then, if need be, be asked for the 2FA and password 2x, but without having to connect 2x?

Score:1

You can use the ProxyJump option of the ssh client to achieve that:

ssh -J [email protected] my_machine.corp.com

or as an entry in ~/.ssh/config:

Host my_machine.corp.com
  ProxyJump [email protected]
Georg Heiler
I experimented with it earlier today, but somehow got a "too many failed attempts" error this way.
Saïmonn
I've not experimented with 2FA on ssh. Is there a possibility for you to use private/public key authentication instead? I guess the prompt for 2FA can be messing with tunneling/ProxyJump.
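
An added example, not part of the answer or comments above: a ~/.ssh/config that makes `ssh myhost` go through the jump host with ProxyJump and prompt for password + TOTP on each hop. Assumptions: `jump.example.com` stands in for the jump host address (masked on this page), the `jump` and `myhost` aliases are made up for illustration, both hosts accept only password + TOTP (no keys), and the connection multiplexing lines are an optional extra the thread does not mention.

```sshconfig
# ~/.ssh/config (added example; aliases and jump.example.com are placeholders)

Host jump
    # Placeholder: replace with the real jump host name.
    HostName jump.example.com
    User myuser
    # Assumption: no key login on this host. Skipping public-key attempts
    # stops the client from offering every agent key first; each rejected
    # key counts against the server's MaxAuthTries and is a common cause of
    # "Too many authentication failures" before any prompt appears.
    PubkeyAuthentication no
    PreferredAuthentications keyboard-interactive,password
    # Optional: keep one authenticated connection to the jump host open so
    # later sessions reuse it instead of asking for a new TOTP code.
    ControlMaster auto
    ControlPath ~/.ssh/cm-%C
    ControlPersist 10m

Host myhost
    HostName my_machine.corp.com
    User myuser
    # Tunnel through the "jump" entry above; its settings apply to that hop.
    ProxyJump jump
    PubkeyAuthentication no
    PreferredAuthentications keyboard-interactive,password
```

With this in place, `ssh myhost` prompts first for the jump host and then for the target. While the control socket persists, anything running as your local user can open sessions through the jump host without a fresh TOTP code, so keep `ControlPersist` short or drop the three `Control*` lines if that is not acceptable.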