Score:3

Choose any available SSH tunnel

LKM

I need to connect to a remote server behind jump hosts. There are several jump hosts (residing in different regions) that I can tunnel through to reach this remote server.

So I need to connect to this remote server via any available jump host. If one of the jump hosts is down (or I may manually choose to), my connection must automatically choose any available tunnel, through the alternate jump host, to connect to the remote server.

host A ------------JumpHost1----------------remote host
          |                                 |
          |--------JumpHost2----------------|
          |                                 |
          |--------JumpHost3----------------|
          |                                 |
          |--------Jumphost4----------------|
          |                                 |
          |--------JumpHost5----------------|
Score:3

Assuming -J destination (ProxyJump) is available on your version of the SSH client.

Configure your hosts (both destination and jump host) using ~/.ssh/config with the keywords found in ssh_config(5).

-J destination
Connect to the target host by first making a ssh connection to the jump host described by destination and then establishing a TCP forwarding to the ultimate destination from there. Multiple jump hops may be specified separated by comma characters. This is a shortcut to specify a ProxyJump configuration directive. Note that configuration directives supplied on the command-line generally apply to the destination host and not any specified jump

Because the destination hosts in both -J and ProxyHosts are visited sequentially, you cannot use this for the failover jump hosts, so your configuration would look like, e.g.,

Host target.example.com
  User username
  IdentityFile ~/.ssh/id_ed25519

Host jumphost?.example.com
  User username
  IdentityFile ~/.ssh/id_ed25519

Then, you could use the -J option in a Bash script, say jump.sh destination:

#!/bin/bash

JumpHosts=(
  "jumphost1.example.com"
  "jumphost2.example.com"
  "jumphost3.example.com"
  "jumphost4.example.com"
  "jumphost5.example.com"
)

if [ "$#" -lt 1 ]; then
  echo "Usage: $0 [user@]target.example.com" >&2
  echo "Usage: $0 ssh://[user@]target.example.com[:port]" >&2
  exit 1
fi

for JumpHost in "${JumpHosts[@]}"; do
  echo "Connecting to $1 using jump host $JumpHost..."
  if ssh -J "$JumpHost" "$1"; then
    exit 0
  fi
  echo
done

echo "No working jump hosts available." >&2
exit 1
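
The loop above tries the next jump host whenever ssh returns non-zero, which also happens when the remote session itself ends with a non-zero status. As an added example (not part of the original answer), this POSIX sh variant fails over only on exit status 255, which ssh(1) uses for its own errors. The names `JUMP_HOSTS`, `SSH`, `USED_JUMP` and `connect_via_any` are assumptions made for this example.

```shell
#!/bin/sh
# Added example: jump-host failover that reacts only to connection errors.
# JUMP_HOSTS and SSH are hypothetical, overridable settings (not ssh options).
JUMP_HOSTS="${JUMP_HOSTS:-jumphost1.example.com jumphost2.example.com jumphost3.example.com jumphost4.example.com jumphost5.example.com}"
SSH="${SSH:-ssh}"   # overridable so the logic can be exercised with a stub

# connect_via_any TARGET [ssh args...]
# ssh exits with the remote command's status, or 255 if ssh itself failed.
# Only 255 triggers a retry through the next jump host; any other status is
# returned unchanged. Caveat: a remote command that exits 255 on its own is
# indistinguishable from a transport failure and will also cause a retry.
# Per the man page note quoted above, options given on the command line
# apply to the target, so timeouts for the jump hosts themselves belong in
# the jumphost Host block of ~/.ssh/config.
connect_via_any() {
  target=$1
  shift
  USED_JUMP=
  for jump in $JUMP_HOSTS; do
    echo "Connecting to $target using jump host $jump..." >&2
    rc=0
    "$SSH" -J "$jump" "$target" "$@" || rc=$?
    if [ "$rc" -ne 255 ]; then
      USED_JUMP=$jump      # record which jump host carried the session
      return "$rc"
    fi
    echo "Jump host $jump failed (ssh exit 255), trying next." >&2
  done
  echo "No working jump hosts available." >&2
  return 255
}

# Run only when called with arguments, so the file can also be sourced.
if [ "$#" -ge 1 ]; then
  connect_via_any "$@"
  exit $?
fi
```
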