I have configured the ~/.ssh/config file on localhost:

### First jump host. Directly reachable
Host ServerA
    Hostname 10.0.5.101
    User jenny
    IdentityFile /home/admin/.ssh/serverA

### Second jumphost. Only reachable via 10.0.5.101
Host ServerB1
    HostName ServerB1
    User james
    ProxyJump ServerA
    IdentityFile /home/admin/.ssh/james

### Host only reachable via serverA and ServerB1
Host ServerC1
    HostName ServerC1
    User root
    ProxyJump ServerB1
    IdentityFile /home/admin/.ssh/ServerC1

I can directly connect to ServerC1 using the ssh ServerC1 command from localhost using the config above.

The issue is that there are many ServerB's and each ServerB is connected to several ServerC's. The private keys are the same for all the Servers so that's not the issue.

From localhost, I want to connect via SSH tunnel to any of ServerC1,2,3..n

ServerA's /etc/hosts has all the hostnames and IPs for the ServerB's, and each ServerB has the IPs of the ServerC's in its /etc/hosts file.

Can I use pattern matching in my localhost's ~/.ssh/config file to accomplish this? Currently I am limited to connecting to ServerC1 only, because I specifically specified ServerB1 and ServerC1.

Answer 1

After some help from Reddit, the best answer to this problem is configuring the ~/.ssh/config file as follows, assuming all of the ServerB* have the same IdentityFile:

Host ServerA
    Hostname 10.0.5.101
    User jenny
    IdentityFile /home/admin/.ssh/serverA

Match originalhost ServerB*
    User james
    ProxyJump ServerA
    IdentityFile /home/admin/.ssh/james

And then at the command line:

ssh -J serverB1 -i /home/admin/.ssh/ServerC1 root@ServerC1
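
A way to check which options the Match originalhost ServerB* block above applies to a given name, added here as an example that is not part of the original answer: ssh -G prints the resolved client configuration without opening a connection. The config is a constructed copy written to a temporary file, and ServerB7 is an assumed extra host name.

```shell
#!/bin/sh
# Constructed copy of the answer's config, written to a temp file so that
# the real ~/.ssh/config is never read or modified.
CFG=$(mktemp)
trap 'rm -f "$CFG"' EXIT
cat > "$CFG" <<'EOF'
Host ServerA
    Hostname 10.0.5.101
    User jenny
    IdentityFile /home/admin/.ssh/serverA

Match originalhost ServerB*
    User james
    ProxyJump ServerA
    IdentityFile /home/admin/.ssh/james
EOF

# resolved HOST: print the user, proxyjump and identityfile settings ssh would
# use for HOST. -G only evaluates the configuration; nothing is contacted.
resolved() {
    ssh -G -F "$CFG" "$1" | grep -E '^(user|proxyjump|identityfile) ' | sort
}

# jumps_via_a HOST: succeed only if HOST resolves to user james via ServerA,
# i.e. the Match block was applied to it.
jumps_via_a() {
    out=$(resolved "$1") || return 1
    printf '%s\n' "$out" | grep -qx 'proxyjump ServerA' &&
    printf '%s\n' "$out" | grep -qx 'user james'
}

# ServerB7 is a hypothetical name; ServerC1 has no entry in this config,
# which is why the answer passes -J, -i and root@ on the command line.
for h in ServerB1 ServerB7 ServerC1; do
    if jumps_via_a "$h"; then
        echo "$h: Match block applied (james via ServerA)"
    else
        echo "$h: Match block not applied"
    fi
done
```

Running the same ssh -G check against the real ~/.ssh/config (drop the -F option) shows whether an earlier Host block already set User or IdentityFile, since ssh keeps the first value it obtains for each option.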