• Stars
    star
    122
  • Rank 292,031 (Top 6 %)
  • Language
    Perl
  • License
    BSD 3-Clause "New...
  • Created over 13 years ago
  • Updated over 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

DESCRIPTION

ssh-chain - ssh via a chain of intermediary hosts

NOTE

This functionality is built into OpenSSH via the -J option as of version 7.3, therefore this tool will no longer be maintained.

INSTALL

Copy the ssh-chain script to somewhere that's in your path. Append the following to ~/.ssh/config or /etc/ssh/ssh_config:

# This should be the last entry
Host *^*
ProxyCommand ssh-chain %h %p

and you're done.

USAGE

ssh-chain can act as a wrapper to ssh in order to avoid filling your known_hosts file with garbage - just run ssh-chain instead of ssh.

The simple use case is this:

ssh final.example^second.example^first.example

The connection is built right to left, so you'll end up with a set of connections that looks like this:

you -> first.example -> second.example -> final.example

This will also work with scp/sftp and hopefully any other tool that invokes ssh as a backend (e.g. rsync, git, svn, etc.) and all the standard features such as port forwarding should work.

ADVANCED USAGE

Sometimes you'll have need to specify a username or port for an intermediary host. Since ssh will normally consume these, different (and sort of weird) syntax is used. Ports are specified by appending an underscore (e.g. foo.example_2222) and usernames use a plus instead of an at symbol (e.g. jdoe+foo.example). The far left host still needs to be specified using an at symbol since this doesn't get fed to the ProxyCommand. Example:

[email protected]^johnd+second.example_2222^john+first.example_443

HOST-SPECIFIC OPTIONS

To make host-specific options for hosts other than the first one in the chain work, you need to change lines like this

Host *.foo.example bar.example
User john
Port 2222

to

Host *.foo.example *.foo.example^* bar.example bar.example^*
User john
Port 2222

NOTES

It's preferable to use OpenSSH 5.4 or newer with ssh-chain. 'netcat mode' (-W) was added then and this is faster then exec'ing netcat on the remote host. ssh-chain auto-detects if -W is available and will remote exec netcat otherwise.

More Repositories

1

brainflayer

A proof-of-concept cracker for cryptocurrency brainwallets and other low entropy key alogrithms.
C
824
star
2

threshcrypt

A password-based implementation of threshold encryption
C
30
star
3

storybits

JavaScript
23
star
4

dnsstore

Prolog
21
star
5

VerifyJS

VerifyJS - Load JavaScript from a CDN, no trust required!
JavaScript
10
star
6

llhash

A permissively licensed, low-level, high-performance cryptographic hash library for hackers.
Assembly
9
star
7

mariadb-bcrypt-udf

bcrypt user-defined functions for MariaDB/MySQL
C
7
star
8

libsdsock

An LD_PRELOAD hack for systemd socket activation
C
7
star
9

goatsefloppy

A github mirror of the "goatse rescue floppy" circa 2004.
HTML
6
star
10

isodecrypt

Perl
5
star
11

certpy

CertPy is a high level toolkit for generating x509 (e.g. SSL/TLS/HTTPS) certificates in Python.
Python
5
star
12

hashprogs

A collection of small programs which compute cryptographic hashs.
C
4
star
13

undercrypto2014

Python
4
star
14

enfringement

Tools for working with EnGenius EnSky series WAPs
Python
4
star
15

bloomslice

a byte sliced bloom filter implementation for pre-hashed inputs
C
3
star
16

p256.js

Utility routines for working with P-256 Elliptic Curve keys in javascript, intended for use with the Web Crypto API
JavaScript
3
star
17

gub211

Userspace Linux driver for IOGEAR GUB211 USB 2.0 Printer Auto Sharing Switch
C
3
star
18

ryancdotorg

profile repository
2
star
19

bootselfie

From the PancakesCon 3 CTF
HTML
2
star
20

rfc1421

Python
2
star
21

probemon

unfinished wifi activity monitoring code
Python
2
star
22

dhclient-script-multiwan

Fork of dhclient-script with modifications to better support multi-homed hosts
Shell
2
star
23

libtprpg

A tiny pseudorandom permutation generator library
C
2
star
24

python-nflogr

An object-oriented Python interface to read data via NFLOG
C++
2
star
25

ja3d

Python
1
star
26

proberelay

C
1
star
27

nametrade

non-interactive atomic name trading for namecoin
Python
1
star
28

pelican-spoiler-rst

Pelican plugin adding a spoiler role to reStructuredText
Python
1
star
29

3vain5me

A P2SH vanity address generator
1
star
30

async-sha256-js

1
star
31

dashmon

personal project for integrating amazon dash buttons with mqtt
Python
1
star
32

bcrypt-ext

Extended bcrypt, increases max work factor and adds keywrap.
C
1
star
33

trivial-rsa

A very simple OpenVPN TLS config generator.
Shell
1
star