On Fri, 18 Aug 2023 at 18:38, Jochen Bern <Jochen.Bern@xxxxxxxxx> wrote: [...] > If I understand correctly, you need to *know* the target system's local > 172-ish IP to be able to log in. No, the client doesn't need to know the server's address. By default non-fully-qualified hostnames will be passed to the Jumphost to be resolved there (subject to the CanonicalDomains and Canonicalized.* settings) and you also have the option of setting "ProxyCommand ssh -W ..." yourself. See https://github.com/openssh/openssh-portable/blob/master/ssh.c#L461 -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
