On Tue, 4 Oct 2011 07:37:38 -0700 Darren VanBuren <onekopaka@xxxxxxxxx> wrote: > Oh, so it's more like tunnelling SSH in SSH, similar to X11 in SSH or > SOCKS through SSH? > > I just remember that last time I connected I think I had to use agent > forwarding. I may be wrong, I was tired while writing this email last > night. Yeah, basically using bastion simply as a way to connect to other sshd's. It's nice, because: - You don't need your private key on any shared systems. - You don't need to run ssh agent forwarding at all. (You can in rare cases when you need to copy things between internal machines). - You don't have to ssh into a bastion then another machine, you can 'ssh foobar' and it logs you into foobar (it's using bastion behind the scenes here, but thats transparent). - You don't need any config on the bastion host, all of it's on your local machine, so if bastion is re-installed it doesn't matter. kevin
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
