Use bastions config file for server configuration

mikestreety

12/13/23, 10:58 AM

I'm in the process of setting up a jump server/bastion host for several of our developers and was wondering if it is possible to use the config file on the bastion for final server resolution.

E.g. we have

developer
bastion
client

Currently, I have the following in the developer .ssh/config

Host bastion
  HostName bastion-address.com
  User developer

Host client
  User client-user
  HostName client-ip
  ProxyJump bastion

However, what would be great is if I could set the client user & ip on the bastion. That way, the developer doesn't need to know the details, just the Host name to connect.

So would imagine something like the following on the developer laptops:

Host bastion
  HostName bastion-address.com
  User developer

Host client-server
  HostName client-name
  ProxyJump bastion

And then this on the Bastion:

Host client-name
  User client-user
  HostName client-ip

Hope that makes sense.

1 + 2

ssh

bastion

diya

12/13/23, 11:42 AM

The "problem" is that "ProxyJump" works by TCP forwarding traffic to `client` over the connection to the bastion server. It doesn't run a ssh (or any other helper command ) on the bastion, so it won't use/read configuration files there either.

mikestreety

12/13/23, 12:28 PM

That's kind of what I expected, I didn't know if I could use `ProxyCommand` instead to utilise the bastion host?

Score:0

Server

John Mahowald

12/15/23, 3:37 PM

Use DNS.

Create AAAA records for bastion.example.net, client.example.net and so on with the IPs in question.

Delete IP addresses in ssh_config.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Use bastions config file for server configuration

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.