LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices


Reply
  Search this Thread
Old 04-13-2018, 04:55 AM   #1
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 3,191
Blog Entries: 3

Rep: Reputation: 1399Reputation: 1399Reputation: 1399Reputation: 1399Reputation: 1399Reputation: 1399Reputation: 1399Reputation: 1399Reputation: 1399Reputation: 1399
ProxyJump on ssh(1) while crossing rdomain(4)


If I have three hosts, such that A and C are only accessible to each other using B as a bastion/jump host, then what is the right way to cross rdomains and still use ProxyJump?

Code:
          +--------------------+
+---+     |       machine B    |     +---+
| A +-----+ rdomain || rdomain +-----+ C |
+---+     |   10          22   |     +---+
          +--------------------+
Without multiple rdomains on host B, the following works from host A:

Code:
ssh -J me@B me@C
When A and B are on different routing tables or rdomains on host B, it looks like the following is the only a way:

Code:
ssh -t me@B 'route -T22 exec ssh me@C'
However, that means that C is in trouble if B becomes compromised.

Is there a way to use ProxyJump (-J) and still transition between the two routing tables on B?

Edit: netcat works here to preserve the encryption and pass it through to the next machine in the chain. However, it uses ProxyCommand instead which is more complex than ProxyJump.

Code:
ssh -o ProxyCommand="ssh me@B route -T22 exec nc %h %p" me@C
Still looking for some way to do it with ProxyJump alone, but that might be impossible.

Last edited by Turbocapitalist; 04-15-2018 at 11:52 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Crossing the Chasm LXer Syndicated Linux News 0 04-04-2013 09:10 AM
LXer: Crossing the OS Divide With Linux LXer Syndicated Linux News 0 12-13-2006 06:33 PM
crossing over KezzerDrix MEPIS 5 06-10-2005 05:50 PM
Crossing into Linux Patbuzz86 Linux - Newbie 22 03-27-2004 12:18 AM
Crossing 100 DMR General 4 08-04-2001 01:13 AM

LinuxQuestions.org > Forums > Other *NIX Forums > *BSD

All times are GMT -5. The time now is 09:13 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration