Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Bastion Playbook
[ssh_connection]
ssh_args = -F ssh.cfg
control_path = ~/.ssh/mux-%r@%h:%p
[bastion]
54.171.0.0
[app_servers]
172.16.1.1
172.16.2.1
Host 172.16.*
ProxyCommand ssh -W %h:%p ubuntu@54.171.0.0
Host *
ControlMaster auto
ControlPath ~/.ssh/mux-%r@%h:%p
ControlPersist 15m
@ja8zyjits
Copy link

ja8zyjits commented Sep 16, 2016

A doubt, shouldn't the second code be titled inventory?

@gsaslis
Copy link

gsaslis commented Aug 28, 2017

Thanks @krigar!!

(p.s. yeah, i think @ja8zyjits is right so that the file would match your article ;) )

Copy link

ghost commented Apr 16, 2018

What if I have to use key based login from controller to bastion and bastion to app_servers? @krigar

@soumyabk
Copy link

soumyabk commented Jun 21, 2018

Where do we specify the pem key when we need to use key based ssh logins?

@sebastienvg
Copy link

sebastienvg commented Dec 18, 2018

@soumyabk

Host 172.16.*
  ProxyCommand           ssh -A -W %h:%p ubuntu@54.171.0.0

Host *
  ControlMaster          auto
  ControlPath            ~/.ssh/mux-%r@%h:%p
  ControlPersist         15m
  IdentityFile             ~/.ssh/id_rsa

notice the added "IdentityFile" above and the "-A" in the first block that will forward your key to the jumpbox, this setup works for me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment