Re: HOWTO (advanced) ssh transparent proxy jump

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



[Added openssh-unix-dev@ back to thread].

On Oct 19, 2024, at 12:02, Maât <maat-ml@xxxxxxxxxx> wrote:
> 
> Le 19/10/2024 à 19:32, Jim Knoble a écrit :
> 
>>> Why avoid it? What use cases are there for logging into host b, besides as a jump host?
> 
> In  fact this "B" machine has several roles, [which get enumerated...]

Have you considered assigning a different IP (or IPv6) address to the name assigned to the exposed GitLab? Then it's a different listening host:port and requires no additional proxy jumping.

Another option is to forbid SSH access to the GitLab instance altogether and require HTTPS access only, which handles virtual hosts nicely. (This could also reduce the attack surface against GitLab).

--
jim knoble
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux