SSH Tunnelling with different users
Hi,
I have 2 machines ('a' and 'b'), and I want to connect to a server as user 'x' which only has the ssh key (public) of machine 'a'. Now, if I'm 'user_a' in host 'a', in order to connect to the server I Code:
ssh x@server Code:
$ ssh user_a@a I tried tunneling before, and it worked, but this doesn't work as I expected Code:
$ ssh -f -N -L port:server:22 user_a@a #create tunnel Google wasn't a good teacher at this one. Everything I found was for the same user. What can I do to accomplish my task (if anything)? I just want to avoid typing 2 calls to ssh, no tunnel is actually necessary. But obviously I don't want to automatically ssh to 'server' everytime I ssh to 'a'. |
In the ~/.ssh/authorized_keys file you can specify commands and restrictions (or in your case just an ssh command). The -i option of ssh allows you to specify which private key to use. In the following example I'll specify three machines: mycomputer, servera, serverb. Here's how you would set that up.
On mycomputer Code:
ssh-keygen Code:
ssh-keygen Code:
from="mycomputer",command="/usr/bin/ssh -i /home/user2/.ssh/id_serverb user3@serverb" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3Sm/nKO3MFyKfDxrPMZxQo4rNCpAPivVLNwB01hKeKtpTyoyhXNyZ9R1qml4iGLxrA0FtMy1WZIefqJ3fI9YemRVZDcUTud9kn6uNEMM0I0ZqOGZH0ILRafHMFlgjGU5TbReuJs9Gk2aOdLME8h3/N843Z0uNmncBLWEBDBwnWuJQx2RaLxjTMqheFm3Fn5FXfbmFYBAMj+ZuPXLXGgKZGvT6n0o0JmXryur94LZSJeNREhTTZlWs2fpZw6l8kVa14Ppqvz+x9NhQ07312VKfyi2hsxDNzGJwXEffnb/ir8q+CIj1vzRE8RnOm3FgRONxyyglcUEu8Y209ShXUAfV sam@farcry.irt.drexel.edu So now that we have everything set up you can get to serverb from mycomputer with a single command. Code:
ssh -i ~/.ssh/id_servera user2@servera For more information see "AUTHORIZED_KEYS FILE FORMAT" of the authorized_keys man page. SAM |
Thanks alot :D that should cover my needs! Never even thought the ~/.ssh/authorized_keys could have extra info on it. A bit bothersome to create a key-pair just for this, but on the other hand it's a one-time setup.
There's no tunneling like the post title sugests, but problem solved anyways. You, sir, just gave me alot more power with ssh! Thank you very much! EDIT: I thought scp would use an underlying ssh, but apparently if I scp -i key it just hangs, so I assume it's doing the ssh command in the authorized_keys file. Probably the same for sshfs, so this doesn't have the effect I was expecting at first :( What's the solution/workaround? EDIT2: Maybe I can work something out with the SSH_ORIGINAL_COMMAND variable. EDIT3: Yes, that's the trick :) everything is working great now. Thanks! |
All times are GMT -5. The time now is 12:26 AM. |