On 16Apr2010 01:24, Matt Domsch <Matt_Domsch@xxxxxxxx> wrote: | On Thu, Apr 15, 2010 at 04:12:20PM +0200, Christoph H?ger wrote: | > I need to ssh to some remote VM that sit in a private LAN. For any other | > service (e.g. RDP) I'd use ssh tunneling just normal. | > But what do I do for ssh traffic? Since ssh is not host agnostic, it | > will always complain about localhost having a different RSA key. | > I just do not want to edit the known_hosts every time I need to connecto | > to a new machine! | > | > Is there some way to tell ssh to use a tunnel directly for a | > connection? | | you want to use ProxyCommand lines in .ssh/config, rather than local | redirects. | | Host deeper-inside | HostName 192.168.1.2 | ProxyCommand ssh inside nc %h %p | | Host inside | HostName 192.168.0.2 | ProxyCommand ssh outside nc %h %p | | | where outside is the public host name/IP, inside is one level inside | your private network, directly reachable by host outside, and | deeper-inside is 2 levels deep, directly reachable by host inside. | | $ ssh deeper-inside I have a script "sshto": http://www.cskk.ezoshosting.com/cs/css/bin/sshto that does that automatically, on the fly. Thus: sshto inside\!deeper-inside or even: sshto inside\!deeper-inside\!even-deeper-inside It uses a small config file which has lines like: foo inside!deeper-inside!even-deeper-inside so you can say "sshto foo". With rsync, going: rsync -e sshto or via its $RSYNC_RSH envvar, you can use that same syntax on the command line with rsync. I use it extensively; it has proven _extremely_ useful. Cheers, -- Cameron Simpson <cs@xxxxxxxxxx> DoD#743 http://www.cskk.ezoshosting.com/cs/ Processes are like potatoes. - NCR device driver manual -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
