How do I SSH tunnel using PuTTY or SecureCRT through gateway/proxy to development server?
Posted
by
DAE51D
on Server Fault
See other posts from Server Fault
or by DAE51D
Published on 2011-03-30T03:14:17Z
Indexed on
2011/06/29
8:24 UTC
Read the original article
Hit count: 486
We have some unix boxes setup in a way that to get to the development box via ssh, you have to ssh into a 'user@jumpoff' box first. There is no direct connection allowed on 'dev' via ssh from anywhere but 'jumpoff'. Furthermore, only key exchange is allowed on both servers. And you always login to the development box as 'build@dev'.
It's painful to always do that hopping. I know this can be done with SOCKS or a Tunnel or something...
I have setup a FreeBSD VM and I can get things to work awesome using unix ssh tools. Basically all I do is make sure my vm's ~/.ssh/id_rsa.pub key is on both jumpoff and dev and use this ~/.ssh/config file:
# Development Server
Host ext-dev # this must be a resolvable name for "dev" from Jumpoff
Hostname 1.2.3.4
User build
IdentityFile ~/.ssh/id_rsa
# The Jumpoff Server
Host ext
Hostname 1.1.1.1
User daevid
Port 22
IdentityFile ~/.ssh/id_rsa
# This must come below all of the above
Host ext-*
ProxyCommand ssh ext nc $(echo '%h'|cut -d- -f2-) 22
Then I just simply type "ssh ext-dev" and I'm in like Flynn.
The problem is I can't get this same thing to work using either PuTTY or SecureCRT -- and to be honest I've not found any tutorials that really walk me through it. I see many on setting up some kind of proxy tunnel for Firefox, but it doesn't seem to be the same concept. I've been messing with various trial and error most all day and nothing has worked (obviously) and I'm at the end of my ssh knowledge and Google searching.
I found this link which seemed to be perfect, but it doesn't work for me. The "Master" connects fine, but the "client" portion doesn't connect. It tells me, the remote system refused the connection. http://www.vandyke.com/support/tips/socksproxy.html
I've got the VM, PuTTY and SecureCRT all using the same public/private key pairs to make things consistent and easier to debug.
Does anyone have a straight up example of how to do this in Windows?
© Server Fault or respective owner