In some strictly controlled hosts, ssh access is limitted from only a few hosts. For example, Server1 is not allowed to ssh to Server2, while Server0 does not has that limit. If we want to ssh to Server2 from Server1, we will have to use Server0 as a proxy server.

In newer SSH versions, we could use -J option as below:

$ ssh -J Server0:22 Server2

In older versions, -J is not available. In this case, we could use ProxyCommand along with the -W option as below:

$ ssh -o ProxyCommand="ssh -W %h:%p Server0" server2

For more detail, check this wiki.

When programming in python with paramiko, here is some example code to use ProxyCommand.

#!/usr/bin/python
sock = paramiko.ProxyCommand('ssh -W %s:%s %s' % (target_server, port, proxy_server))
ssh.connect(host, port, sock=sock)

• Linux 15
• ssh 3
• python 9

• ansible playbook retry a task until success
• set user password none-interactively in unix
• Split a text file by empty line or string pattern
• Back to my blog
• ssh相关的selinux安全上下文小记一则