Is there a way to create a tunnel from a remote host to a ProxyJump
host?
There are times when I need to connect to a remote host through one or
more hosts and create a reverse dynamic tunnel. However, I don't want
the reverse tunnel to come back to my system, but to one of the
ProxyJump host.
I have a solution provided that the last ProxyJump host is where the
reverse dynamic tunnel needs to terminate.
ssh -tt <Host A> ssh -tt -R12345 <Host B>
However, in the case where there are hosts A, B, C, and D and the
reverse dynamic tunnel needs to terminate on host B, the following will
work if host B supports ProxyJump.
ssh -tt <Host A> ssh -tt <Host B> ssh -J <Host C> -R12345 <Host D>
However, many of the systems we work on don't have a new enough ssh
version for ProxyJump. I know ProxyJump was added in OpenSSH 7.3/7.3p1 (2016-08-01) and reverse dynamic forwarding was added in OpenSSH
7.6/7.6p1 (2017-10-03), so if it supports reverse dynamic forwarding
then it supports ProxyJump, but anything we're connecting to supports
reverse forwarding which was added in OpenSSH 2.5.1p1 (2001-02-19) and
useful in many cases.
I'm wondering is there is a lesser known/obvious feature that lets us
specify a tunnel with the host it should originate from.
I know ProxyJump uses the -W option and maybe that doesn't provide
support for tunneling or tunneling beyond the next hop?
Thanks for any help.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 297 |
Nodes: | 16 (2 / 14) |
Uptime: | 22:10:23 |
Calls: | 6,667 |
Calls today: | 1 |
Files: | 12,216 |
Messages: | 5,337,347 |