How do I SSH tunnel using PuTTY or SecureCRT through gateway/proxy to development server?

Posted by DAE51D on Server Fault See other posts from Server Fault or by DAE51D
Published on 2011-03-30T03:14:17Z Indexed on 2011/06/29 8:24 UTC
Read the original article Hit count: 486

Filed under:
|
|
|
|

We have some unix boxes setup in a way that to get to the development box via ssh, you have to ssh into a 'user@jumpoff' box first. There is no direct connection allowed on 'dev' via ssh from anywhere but 'jumpoff'. Furthermore, only key exchange is allowed on both servers. And you always login to the development box as 'build@dev'.

It's painful to always do that hopping. I know this can be done with SOCKS or a Tunnel or something...

I have setup a FreeBSD VM and I can get things to work awesome using unix ssh tools. Basically all I do is make sure my vm's ~/.ssh/id_rsa.pub key is on both jumpoff and dev and use this ~/.ssh/config file:

# Development Server
Host            ext-dev  # this must be a resolvable name for "dev" from Jumpoff
Hostname        1.2.3.4
User            build
IdentityFile    ~/.ssh/id_rsa  

# The Jumpoff Server
Host            ext 
Hostname        1.1.1.1
User            daevid
Port            22 
IdentityFile    ~/.ssh/id_rsa

# This must come below all of the above 
Host            ext-* 
ProxyCommand    ssh ext nc $(echo '%h'|cut -d- -f2-) 22 

Then I just simply type "ssh ext-dev" and I'm in like Flynn.

The problem is I can't get this same thing to work using either PuTTY or SecureCRT -- and to be honest I've not found any tutorials that really walk me through it. I see many on setting up some kind of proxy tunnel for Firefox, but it doesn't seem to be the same concept. I've been messing with various trial and error most all day and nothing has worked (obviously) and I'm at the end of my ssh knowledge and Google searching.

I found this link which seemed to be perfect, but it doesn't work for me. The "Master" connects fine, but the "client" portion doesn't connect. It tells me, the remote system refused the connection. http://www.vandyke.com/support/tips/socksproxy.html

I've got the VM, PuTTY and SecureCRT all using the same public/private key pairs to make things consistent and easier to debug.

Does anyone have a straight up example of how to do this in Windows?

© Server Fault or respective owner

Related posts about Windows

Related posts about ssh