I regularly need to connect to SSH hosts behind a firewall via a single SSH host with SSH access enabled.
Since I am connecting to many hosts through this proxy SSH host I can make my life a little easier by adding some entries to my ~/.ssh/config file:
If I add the following:
ProxyCommand ssh -q sshgateway.domainname.com nc internalhost 22
I can use the command:
This will first ssh to sshgateway.domainname.com (the host with SSH open in the firewall) and then SSH to internalhost on port 22. The first time connecting you may want to answer ‘yes’ to add the host to your known_hosts file and you may also want to copy your SSH public key to avoid having to enter too many passwords:
If you have not already done so you can create SSH keys on your client with the command:
The ~/.ssh/config file can be used for other time-saving shortcuts including specifying the SSH port (if not using the default 22), the user and the hostname e.g.