Home / server / Questions / 954281
Accepted
ZZ9
Asked: 2019-02-17 07:08:45 +0800 CST

How to SSH directly to target via jumphost using SSH Config without additional ssh command

  • 772

If I do:

ssh -J jumphost.example.com target.example.com

I end up immediately logged on to 'target'.

If I use this ssh config file, using the newer ssh-7.3 jump config:

Host jump 10.1.*, targets*, *.example.com
  HostName jumphost.example.com
  IdentitiesOnly yes
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile ~/.ssh/id_rsa

Host *
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile ~/.ssh/id_rsa

I end up logged into 'jumphost' not 'target'

They keychain stuff is for mac, I have tested without it and it makes no difference but thought I'd leave it in just in case.

linux

2 Answers

  1. Best Answer

    You end up logged in to the jump host because your configuration explicitly says to ignore the hostname you specified and log in to the jump host.

      HostName jumphost.example.com

    HostName overrides the hostname specified on the command line.

    If you are trying to automatically use a jump host without having to specify it on the ssh command line, the correct config file option is ProxyJump. For example:

    Host everything, behind, jumphost, *.example.com
  ProxyJump jumphost.example.com

    Now you can just run ssh target.example.com and you will go through the jumphost.

    • 21

  2. The problem is that the Host definition catches both jumphost.example.com AND target.example.com as aliases, it then sets HostName to jumphost.example.com in both cases.

    I would suggest making the aliases following the Host command NOT fully qualified domain names, then creating a Host entry for each

    • 2