liejuntao001/ssh config cheatsheet

## ssh config cheatsheet
scenario:
desktop ---> proxy ---> hop_host open reverse port
other hosts -> hop_host -> desktop

# desktop ~/.ssh/config
Host hop_host
   Hostname hop_host.domain.com
   ProxyCommand /usr/bin/corkscrew proxy_ip 8080 %h %p ~/.corkscrew-auth

# desktop open and keep a reverse ssh tunnel
$ cat port_forward.sh
#!/bin/bash
autossh -M 20020 -N -R 127.0.0.1:19998:localhost:22 hop_host &

# hop_host ~/.ssh/config
Host desktop
hostname 127.0.0.1
port 19998

# make sure hop_host could ssh to desktop

# other hosts ssh to desktop via hop_host
# ~/.ssh/config
Host desktop
  Hostname 127.0.0.1
  Port 19998
  User scm
  ProxyCommand ssh -i /home/scm/.ssh/id_rsa -o 'ForwardAgent yes' scm@hop_host 'ssh-add && nc %h %p'

# other hosts connect to desktop
$ eval `ssh-agent`
$ do ssh stuff...
$ ssh-agent -k

# rmate reverse tunnel
$ cat .alias
alias rmate_helper='ssh -R 52698:localhost:52698 remote_host'

scenario:
desktop ---> proxy ---> hop_host open reverse port
laptop ---> jump_host_1 ---> hop_host ---> desktop

# laptop could ssh to desktop and vnc to desktop
# laptop .ssh/config
Host jump_host_1
Compression yes
HostName jump_host_1
User user
Localforward 5902 localhost:5902
ProxyCommand /usr/bin/corkscrew localhost 3128 %h %p

Host hop_host
Compression yes
HostName hop_host
User user
Localforward 5902 localhost:5902
ProxyJump jump_host_1

Host desktop
HostName 127.0.0.1
Port 19998
User user
Localforward 5902 localhost:5901
ProxyJump hop_host
	scenario:
	desktop ---> proxy ---> hop_host open reverse port
	other hosts -> hop_host -> desktop

	# desktop ~/.ssh/config
	Host hop_host
	Hostname hop_host.domain.com
	ProxyCommand /usr/bin/corkscrew proxy_ip 8080 %h %p ~/.corkscrew-auth

	# desktop open and keep a reverse ssh tunnel
	$ cat port_forward.sh
	#!/bin/bash
	autossh -M 20020 -N -R 127.0.0.1:19998:localhost:22 hop_host &

	# hop_host ~/.ssh/config
	Host desktop
	hostname 127.0.0.1
	port 19998

	# make sure hop_host could ssh to desktop

	# other hosts ssh to desktop via hop_host
	# ~/.ssh/config
	Host desktop
	Hostname 127.0.0.1
	Port 19998
	User scm
	ProxyCommand ssh -i /home/scm/.ssh/id_rsa -o 'ForwardAgent yes' scm@hop_host 'ssh-add && nc %h %p'

	# other hosts connect to desktop
	$ eval `ssh-agent`
	$ do ssh stuff...
	$ ssh-agent -k

	# rmate reverse tunnel
	$ cat .alias
	alias rmate_helper='ssh -R 52698:localhost:52698 remote_host'

	scenario:
	desktop ---> proxy ---> hop_host open reverse port
	laptop ---> jump_host_1 ---> hop_host ---> desktop

	# laptop could ssh to desktop and vnc to desktop
	# laptop .ssh/config
	Host jump_host_1
	Compression yes
	HostName jump_host_1
	User user
	Localforward 5902 localhost:5902
	ProxyCommand /usr/bin/corkscrew localhost 3128 %h %p

	Host hop_host
	Compression yes
	HostName hop_host
	User user
	Localforward 5902 localhost:5902
	ProxyJump jump_host_1

	Host desktop
	HostName 127.0.0.1
	Port 19998
	User user
	Localforward 5902 localhost:5901
	ProxyJump hop_host