ssh proxy
Using SSH Proxy in .ssh/config
[ Your Machine ] ---> [ Gateway Server ] ---> [ Final Destination ]
ssh ProxyCommand/Jump ssh session
The SSH ProxyCommand and ProxyJump options allow you to
route SSH connections through an intermediate server (proxy),
— allows SSH to reach otherwise inaccessible targets by hopping through a proxy
simplifying firewall rules and enhancing security.
Configuring an SSH Proxy in ~/.ssh/config
To automate proxy connections, add the following to ~/.ssh/config:
Host final-server
ProxyCommand ssh -W %h:%p user@gateway-server
ProxyCommand → Uses the gateway server to
forward SSH traffic to final-server.
— ProxyCommand establishes the link through a jump host or bastion to the destination
-W %h:%p → Sends
raw TCP stream
— sends unmodified TCP data directly to the target server over the tunnel
to the destination.
Alternative: Using ProxyJump (Simpler)
Host final-server
ProxyJump user@gateway-server
ProxyJump → Automatically forwards SSH traffic through the gateway without needing ProxyCommand.