Josef Wolf wrote:
Hello,
To get access to hosts behind a NAT-router, I have put the following
into my ssh-config:
Host ext-gw.my-do.main
ProxyCommand none
Host *.my-do.main
ProxyCommand ssh ext-gw.my-do.main nc -w1 %h 22
This works fine while being outside of the NATted network.
Now I would like to configure a laptop in such a way that it is able
to connect directly to the network as well as from the outside. For
that, I'd like to do something like that:
Host gw.my.do.main
ProxyCommand none
LocalHost ! *.my.do.main
Host *.my.do.main
ProxyCommand ssh gw.my.do.main nc -w1 %h 22
LocalHost *
You can do this entirely with a little proxycommand. For example, I
have something like this:
in ~/.ssh/config:
Host myinternalhost
ProxyCommand ~/bin/myconnect %h %p
in ~/bin/myconnect:
#!/bin/sh
if ifconfig fxp0 | grep "inet 10\.0\.0\." >/dev/null; then
exec nc $1 $2 # internal, connect direct
fi
exec gw.my.do.main ssh nc $1 $2 # external, via GW
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.