Allowing direct SSH access to our web server is not a good idea.
We should not open SSH access to the whole internet (public: 0.0.0.0/0, ::/0).
We have many options for securing our SSH access.
Normally we have to SSH into our gateway (jump) server first.
Then we have to log in again from the gateway server to our web server.
So we should skip logging in to the jump server manually.
OK, here we go!
Normal ssh login
ssh -i ~/key/jumpserver.pem ec2-user@xxx.xxx.xxx.xxx
Let's log in using the shortcut.
We need to create a configuration file, so please modify or create the ~/.ssh/config file.
vi ~/.ssh/config
~/.ssh/config
Put the following code into your ~/.ssh/config file and save it.
Host *
    IdentitiesOnly yes
Host jumpserver
    HostName xxx.xxx.xxx.xxx
    User ec2-user
    IdentityFile ~/key/jumpserver.pem
Host webserver
    HostName yyy.yyy.yyy.yyy
    User ec2-user
    IdentityFile ~/key/webserver.pem
    ProxyCommand ssh -W %h:%p jumpserver
Test your jump server config
ssh jumpserver
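An added example, not part of the original article: a Python check that reads a config like the one above, follows each `ProxyCommand ssh -W %h:%p <alias>` hop, and reports a hop alias that has no `Host` block (or loops) and any host in the chain that does not inherit `IdentitiesOnly yes`. The function names and the trimmed sample string are assumptions made here; the parser handles whitespace-separated `Host` blocks with `*`/`?` patterns only, not `Match`, `Include` or negated patterns.

```python
import fnmatch
import shlex

SAMPLE_CONFIG = """# constructed sample: trimmed copy of this article's config
Host *
    IdentitiesOnly yes
Host jumpserver
    IdentityFile ~/key/jumpserver.pem
Host webserver
    IdentityFile ~/key/webserver.pem
    ProxyCommand ssh -W %h:%p jumpserver
"""

def parse_blocks(text):
    """Return [(host_patterns, {keyword: first value})], one entry per Host block."""
    blocks = []
    for raw in text.splitlines():
        # Pad so blank lines and bare keywords still unpack into two fields.
        key, value = (raw.strip().split(None, 1) + ["", ""])[:2]
        if key.lower() == "host":
            blocks.append((value.split(), {}))
        elif blocks and key and not key.startswith("#"):
            blocks[-1][1].setdefault(key.lower(), value)
    return blocks

def resolve(blocks, alias):
    """Effective options for an alias; as in ssh, the first value found wins."""
    opts = {}
    for patterns, options in blocks:
        if any(fnmatch.fnmatchcase(alias, p) for p in patterns):
            opts = {**options, **opts}  # values already set take precedence
    return opts

def audit(text, alias):
    """Follow 'ProxyCommand ssh -W %h:%p <hop>' from alias; return (chain, findings)."""
    blocks = parse_blocks(text)
    # Aliases with their own Host block (wildcard patterns do not count).
    defined = {p for pats, _ in blocks for p in pats if not set("*?!") & set(p)}
    chain, findings = [alias], []
    while True:
        opts = resolve(blocks, chain[-1])
        if opts.get("identitiesonly", "no").lower() != "yes":
            findings.append(f"{chain[-1]}: IdentitiesOnly is not yes")
        proxy = shlex.split(opts.get("proxycommand", ""))
        hop = proxy[-1] if "-W" in proxy else None
        if hop is None or hop in chain or hop not in defined:
            if hop is not None:
                findings.append(f"{chain[-1]}: hop {hop!r} is undefined or loops")
            return chain, findings
        chain.append(hop)
```

Calling `audit(SAMPLE_CONFIG, "webserver")` returns the hop chain in connection order from the target back to the first jump host, plus a list of findings that is empty for the config in this article.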
I hope this article helps with your needs.
Thank you for taking the time to read my article. I hope you find it helpful. Please feel free to reach out if you have any questions or would like to discuss further.