Unsurprisingly, the swiss army knife that is *NIX can solve an amazing array of problems without much fuss. For the past few years, I’ve needed to SSH into any of an array of machines behind many remote NAT routers. I’ve been getting by, until now, by directly SSHing to the router on the network I needed into, then SSHing again into the target machine. This is annoying at best, and error-prone at worst. Thanks to a CERN article, I’ve learned a better way…
All it takes is a client-side SSH
.config file modification, like so:
Host gateway Hostname vpn-concentrator.yourdomain.com Host *.myvwan.com ControlPath ~/.ssh/%h.%p.%r ControlMaster auto ForwardAgent yes GSSAPITrustDNS no ProxyCommand ssh gateway /usr/bin/nc %h %p 2> /dev/null
This configures SSH to use NetCat on the alias
gateway to reach any destination ending with
.myvwan.com. Quite easy to set up, requires no scripting or extra package installations, and makes all my SSHing easier!