When access remote servers, proxy server/jump host could be a good choice.
Two servers definition
This is the proxy server, normally can be in the form of
This is the target server, has the form of
This is the most simplest method which uses remote ssh command to login to target server. If just wants to use one SSH server to access another SSH server, run following command
ssh -t <jump_host> ssh <target>
-t is to create a pseudo-terminal, otherwise, the remote server could not display message because no tty can be used.
This is using SSH building proxy function.
ssh -o "ProxyJump <jump_host>" <target>
This is to run an external command to build communication. For example, use
nc command, and pass two parameters,
%h is the target host,
%p is the port.
ssh -o "ProxyCommand ssh <jump_host> nc %h %p" <target>
Use ssh client configuration
Instead of using command,
ProxyCommand can be set in ssh client configuration file.
Host <connection_name> HostName <target_host> User <target_user> ProxyCommand ssh <jump_host> nc %h %p
For one server
Host target HostName 192.168.1.2 User user1 ProxyCommand ssh user2@proxy nc %h %p
For all servers
Host * !proxy HostName %h User target_user # ProxyCommand ssh proxy_user@proxy nc %h %p
This is the same as previous example, except it is a global setting.