Getting the most out of your ssh config

I typically find myself with voluminous bashrc files filled with aliases and functions for connecting to specific hosts via ssh. I would like an easier way to manage the various ssh hosts, ports, and keys. I typically maintain an ssh-agent across multiple hosts, as well as various tunnels, reverse tunnels, and chained tunnels — but […]

chaining ssh tunnels

Imagine you’re working within a private home network and need to connect to an Oracle database within a corporate network accessible only through a bastion host hidden within the corporate network. Odd as that sounds, it’s a typical network configuration, as follows: The layout is very simple: when you’re within the corporate network you must […]

reverse ssh tunnel

I would like ssh access to a protected host that is not directly accessible on the Internet but does have outbound access. This is a common scenario in corporate networks that often require a VPN for remote access, but in situations where VPN access is not available (e.g., I forgot my keyfob, or I don’t […]

ssh agent across multiple hosts

I would like secure single-sign-in across multiple hosts. An easy way to do this is with ssh-agent; however, ssh-agent is a bit limited. For example, the normal use of ssh-agent looks like this,

    $ ssh-agent
    SSH_AUTH_SOCK=/tmp/ssh-stSwW11394/agent.11394; export SSH_AUTH_SOCK;
    SSH_AGENT_PID=11395; export SSH_AGENT_PID;
    echo Agent pid 11395;

You would need to set those environment variables to use […]