multi-hop ssh

假如你希望借助于机器 broker 来访问机器 target, 可以在~/.ssh/config文件中添加如下内容

Host broker             # Machine B definition (the broker)
    Hostname broker-ip  # Change this IP address to the address of the broker
    User myusername     # Change this default user accordingly 
                        # (`user@unibroker` can overwrite it)

Host target             # Machine A definition (the target host)
    ProxyCommand ssh -q broker nc hostname.or.IP.address.target.machine 22

然后使用ssh username@target即可访问目标机器 target

当需要多级跳转时，在~/.ssh/config中添加如下内容即可。

Host ruapehu
  HostName ruapehu.example.com

Host aoraki
  ProxyCommand ssh ruapehu nc aoraki 22

Host tongariro
  ProxyCommand ssh aoraki nc %h 22

当使用命令ssh aoraki时，你其实是经过如下路径访问到了 tongariro: ruapehu –> aoraki –> tongariro

参考文献

• multi-hop ssh
• Transparent Multi-hop SSH