Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Bastion Playbook
[ssh_connection]
ssh_args = -F ssh.cfg
control_path = ~/.ssh/mux-%r@%h:%p
[bastion]
54.171.0.0
[app_servers]
172.16.1.1
172.16.2.1
Host 172.16.*
ProxyCommand ssh -W %h:%p ubuntu@54.171.0.0
Host *
ControlMaster auto
ControlPath ~/.ssh/mux-%r@%h:%p
ControlPersist 15m
@ja8zyjits

This comment has been minimized.

Copy link

@ja8zyjits ja8zyjits commented Sep 16, 2016

A doubt, shouldn't the second code be titled inventory?

@gsaslis

This comment has been minimized.

Copy link

@gsaslis gsaslis commented Aug 28, 2017

Thanks @krigar!!

(p.s. yeah, i think @ja8zyjits is right so that the file would match your article ;) )

@ghost

This comment has been minimized.

Copy link

@ghost ghost commented Apr 16, 2018

What if I have to use key based login from controller to bastion and bastion to app_servers? @krigar

@soumyabk

This comment has been minimized.

Copy link

@soumyabk soumyabk commented Jun 21, 2018

Where do we specify the pem key when we need to use key based ssh logins?

@sebastienvg

This comment has been minimized.

Copy link

@sebastienvg sebastienvg commented Dec 18, 2018

@soumyabk

Host 172.16.*
  ProxyCommand           ssh -A -W %h:%p ubuntu@54.171.0.0

Host *
  ControlMaster          auto
  ControlPath            ~/.ssh/mux-%r@%h:%p
  ControlPersist         15m
  IdentityFile             ~/.ssh/id_rsa

notice the added "IdentityFile" above and the "-A" in the first block that will forward your key to the jumpbox, this setup works for me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment