Skip to content

Instantly share code, notes, and snippets.

@krigar
Last active February 28, 2023 20:46
Show Gist options
  • Star 18 You must be signed in to star a gist
  • Fork 10 You must be signed in to fork a gist
  • Save krigar/43cd8b41bd72b4b0f6bd to your computer and use it in GitHub Desktop.
Save krigar/43cd8b41bd72b4b0f6bd to your computer and use it in GitHub Desktop.
Bastion Playbook
[ssh_connection]
ssh_args = -F ssh.cfg
control_path = ~/.ssh/mux-%r@%h:%p
[bastion]
54.171.0.0
[app_servers]
172.16.1.1
172.16.2.1
Host 172.16.*
ProxyCommand ssh -W %h:%p ubuntu@54.171.0.0
Host *
ControlMaster auto
ControlPath ~/.ssh/mux-%r@%h:%p
ControlPersist 15m
Copy link

ghost commented Apr 16, 2018

What if I have to use key based login from controller to bastion and bastion to app_servers? @krigar

@soumyabk
Copy link

Where do we specify the pem key when we need to use key based ssh logins?

@sebastienvg
Copy link

@soumyabk

Host 172.16.*
  ProxyCommand           ssh -A -W %h:%p ubuntu@54.171.0.0

Host *
  ControlMaster          auto
  ControlPath            ~/.ssh/mux-%r@%h:%p
  ControlPersist         15m
  IdentityFile             ~/.ssh/id_rsa

notice the added "IdentityFile" above and the "-A" in the first block that will forward your key to the jumpbox, this setup works for me.

@cobar79
Copy link

cobar79 commented Feb 28, 2023

What are the contents of: ~/.ssh/mux-%r@%h:%p

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment