Tag: proxy

SSH Proxy

SSH Proxy

When access remote servers, proxy server/jump host could be a good choice.

Two servers definition


This is the proxy server, normally can be in the form of user@proxy_host.


This is the target server, has the form of target_user@target_host.

Jump host

This is the most simplest method which uses remote ssh command to login to target server. If just wants to use one SSH server to access another SSH server, run following command

ssh -t <jump_host> ssh <target>

Here -t is to create a pseudo-terminal, otherwise, the remote server could not display message because no tty can be used.

Proxy Jump

This is using SSH building proxy function.

ssh -o "ProxyJump <jump_host>" <target>

Proxy Command

This is to run an external command to build communication. For example, use nc command, and pass two parameters, %h is the target host, %p is the port.

ssh -o "ProxyCommand ssh <jump_host> nc %h %p" <target>

Use ssh client configuration


Instead of using command, ProxyJump and ProxyCommand can be set in ssh client configuration file.

Host <connection_name>
  HostName <target_host>
  User <target_user>
  ProxyCommand ssh <jump_host> nc %h %p

For one server

Host target
  User user1
  ProxyCommand ssh user2@proxy nc %h %p

For all servers

Host * !proxy
  HostName %h
  User target_user
  # ProxyCommand ssh proxy_user@proxy nc %h %p


This is the same as previous example, except it is a global setting.


4 ways to SSH & SCP via proxy (jump) server in Linux