SSH connection through host in the middle; with key redirection

ssh -o "ProxyCommand ssh user@reachable_host -W %h:%p" user@unreacheable_host
This command uses the reachable_host as a proxy; redirecting your request to the unreachable_host. The main advantage is that you need only one ssh key. You copy the public part to both servers and you can access the unreachable_host without a problem. Also, you can put this on ~/.ssh/config to access the unreachable_host directly: # config unreachable_host ProxyCommand ssh user@reachable_host -W %h:%p and, then, just ssh user@unreachable_host.

4
By: renich
2015-06-26 06:23:14

2 Alternatives + Submit Alt

What Others Think

This works great and I've been using it to reach a machine on a LAN through another machine on that LAN. Is it possible to also set up SSH tunnels to unreachable_host this way? Where would I add the options for that?
jonsson · 108 weeks and 2 days ago
No idea, man. Never tried that.
renich · 108 weeks and 2 days ago

What do you think?

Any thoughts on this command? Does it work on your machine? Can you do the same thing with only 14 characters?

You must be signed in to comment.

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands



Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: