SSH jump hosts are employed as an alternative to SSH tunneling to access internal machines through a gateway.
The idea is to use ProxyCommand to automatically execute the ssh command on remote host to jump to the next host and forward all traffic through.
Jump through CLI:
user$ ssh -J user1@host1:port1 user2@host2 -p port2
Using config:
1.Single jump
ProxyJump hosts can be defined inside each user’s SSH config file.
Eddit — — -> ~/.ssh/config
### First jump host. Directly reachable
Host betajump
HostName jumphost1.example.org
### Host to jump to via jumphost1.example.org
Host behindbeta
HostName behindbeta.example.org
ProxyJump betajump2.multiple jump
The same syntax can be used to make jumps over multiple machines:
Eddit — -> ~/.ssh/config
### First jump host. Directly reachable
Host alphajump
HostName jumphost1.example.org
### Second jumphost. Only reachable via jumphost1.example.org
Host betajump
HostName jumphost2.example.org
ProxyJump alphajump
### Host only reachable via alphajump and betajump
Host behindalphabeta
HostName behindalphabeta.example.org
ProxyJump betajumpuser$ ssh behindalphabetaIt works with scp too:
user$ scp filename behindalphabeta:~/