Hello, a while ago, I asked this list about usage of the ProxyCommand. As a response, Darren Tucker gave me a great suggestion in this post: http://www.mail-archive.com/secureshell@xxxxxxxxxxxxxxxxx/msg02638.html I then tried to build upon Darren's idea: # dns.name is how we find the IP for the gateway to the net # domain.name is my private name for the network Host *.domain.name ProxyCommand /usr/bin/sshproxy dns.name gateway.domain.name %h %p and here`s the corresponding sshproxy: #! /bin/sh extdns=$1 gateway=$2 host=$3 port=$4 DOMAIN=`hostname -d|sed 's/\./\\\./g'` netcat="netcat -w1 $host $port" if echo $host | egrep "$DOMAIN$" >/dev/null ; then # we are already on the target network, no proxy needed exec $netcat else if [ "x$host" = "x$gateway" ] ; then # we're connecting to the gateway. take in account that it's external # name is different from the name we called him exec ssh -o "HostKeyAlias $gateway" $extdns $netcat else # we're going behind the gateway. Use the gateway as a hop to the # real destination. exec ssh $gateway $netcat fi fi This works great! But there's one drawback: at the end of every session, a "Killed by signal 1." error is reported. This, of course, gives me a bad feeling. BTW: the signal number varies, sometimes it is 1, sometimes it is 2. I can get rid of this error message by deleting the "exec" keywords from the above script. But this effectively ignores the error. So the question is: what causes this "Killed by signal X"? Is it some sort of incompatibility between ssh and netcat? Or am I using ssh and/or netcat in a way it was not designed for? Any ideas how to properly get rid of this error?