I was playing around with the idea of having a SSH Proxy Server or otherwise called Jump Host, which I would use to connect to all of my "hidden" Servers. So basically I have the following setup. Please note I intentionally use IP addresses here instead of hostname.
<client> ---> <proxy_ssh> ---> <192.168.0.*>
My intention is that it should be as transparent for the users as possible. So ideally the users should only have to execute the following command
# ssh email@example.com
To get this working I've created the following
Host * ServerAliveInterval 240 Compression yes ForwardAgent yes ForwardX11 yes Host 192.168.0.* ProxyCommand ssh my_user@proxy_ssh.example.com netcat -w 120 %h %p
This works fine. But it is kind of tedious if I would have more networks to work with behind my
proxy_ssh server. So I've tried simply adding the
ProxyCommand to the
Host * section which did not work.
I've wanted to make this more transparent for the end user, and changed the ssh config to the following, simply leaving out the specific Host definition.
Host * ServerAliveInterval 240 Compression yes ForwardAgent yes ForwardX11 yes ProxyCommand ssh my_user@proxy_ssh.example.com netcat -w 120 %h %p
This had the impact that I was not able to connect any longer to the endhost. The connection simply timed out!
So hence my question is there any way of having this more transparent in such a way that all of my SSH connection would use the