Brendan Abolivier 3f5c4a73e1 s/proxy/bastion/g | 6 gadus atpakaļ | |
---|---|---|
LICENSE | 6 gadus atpakaļ | |
README.md | 6 gadus atpakaļ | |
salt-ssh-bastion-wrapper.sh | 6 gadus atpakaļ |
When passed a hostname, salt-ssh will try to look it up in a roster file instead of looking it up, or checking its OpenSSH configuration.
When passed an IP address, it will directly connect with the host, but if you try to reach a host in your company's network that's behind a SSH bastion, you'll have to specify the specific OpenSSH configuration for the host, each and every time, unless you can afford having a host rule in your OpenSSH configuration (which might not always be the case, given the restrictions for addressing in a local network).
You can call this script as you would call salt-ssh
, and pass it a FQDN in the domain of a local network that's behind a bastion. It will look up the proxy configuration in OpenSSH's configuration, lookup the IP address for that FQDN by SSH'ing to the bastion and calling dig
, then call salt-ssh
with the right proxy option and IP address.
dig
binary in the user's $PATH
.ProxyJump
configuration rule.