How to SSH directly to target via jumphost using SSH Config without additional ssh command

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP












14















If I do:



ssh -J jumphost.example.com target.example.com


I end up immediately logged on to 'target'.



If I use this ssh config file, using the newer ssh-7.3 jump config:



Host jump 10.1.*, targets*, *.example.com
HostName jumphost.example.com
IdentitiesOnly yes
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa

Host *
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa


I end up logged into 'jumphost' not 'target'



They keychain stuff is for mac, I have tested without it and it makes no difference but thought I'd leave it in just in case.










share|improve this question



















  • 1





    -J is ProxyJump and not HostName.

    – Boris the Spider
    Feb 17 at 14:42















14















If I do:



ssh -J jumphost.example.com target.example.com


I end up immediately logged on to 'target'.



If I use this ssh config file, using the newer ssh-7.3 jump config:



Host jump 10.1.*, targets*, *.example.com
HostName jumphost.example.com
IdentitiesOnly yes
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa

Host *
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa


I end up logged into 'jumphost' not 'target'



They keychain stuff is for mac, I have tested without it and it makes no difference but thought I'd leave it in just in case.










share|improve this question



















  • 1





    -J is ProxyJump and not HostName.

    – Boris the Spider
    Feb 17 at 14:42













14












14








14


8






If I do:



ssh -J jumphost.example.com target.example.com


I end up immediately logged on to 'target'.



If I use this ssh config file, using the newer ssh-7.3 jump config:



Host jump 10.1.*, targets*, *.example.com
HostName jumphost.example.com
IdentitiesOnly yes
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa

Host *
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa


I end up logged into 'jumphost' not 'target'



They keychain stuff is for mac, I have tested without it and it makes no difference but thought I'd leave it in just in case.










share|improve this question
















If I do:



ssh -J jumphost.example.com target.example.com


I end up immediately logged on to 'target'.



If I use this ssh config file, using the newer ssh-7.3 jump config:



Host jump 10.1.*, targets*, *.example.com
HostName jumphost.example.com
IdentitiesOnly yes
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa

Host *
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa


I end up logged into 'jumphost' not 'target'



They keychain stuff is for mac, I have tested without it and it makes no difference but thought I'd leave it in just in case.







linux ssh






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Feb 16 at 16:43









kasperd

26.6k1251104




26.6k1251104










asked Feb 16 at 15:08









AirCombatAirCombat

793833




793833







  • 1





    -J is ProxyJump and not HostName.

    – Boris the Spider
    Feb 17 at 14:42












  • 1





    -J is ProxyJump and not HostName.

    – Boris the Spider
    Feb 17 at 14:42







1




1





-J is ProxyJump and not HostName.

– Boris the Spider
Feb 17 at 14:42





-J is ProxyJump and not HostName.

– Boris the Spider
Feb 17 at 14:42










2 Answers
2






active

oldest

votes


















21














You end up logged in to the jump host because your configuration explicitly says to ignore the hostname you specified and log in to the jump host.



 HostName jumphost.example.com


HostName overrides the hostname specified on the command line.



If you are trying to automatically use a jump host without having to specify it on the ssh command line, the correct config file option is ProxyJump. For example:



Host everything, behind, jumphost, *.example.com
ProxyJump jumphost.example.com


Now you can just run ssh target.example.com and you will go through the jumphost.






share|improve this answer
































    2














    The problem is that the Host definition catches both jumphost.example.com AND target.example.com as aliases, it then sets HostName to jumphost.example.com in both cases.



    I would suggest making the aliases following the Host command NOT fully qualified domain names, then creating a Host entry for each






    share|improve this answer
























      Your Answer








      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "2"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader:
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      ,
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );













      draft saved

      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f954281%2fhow-to-ssh-directly-to-target-via-jumphost-using-ssh-config-without-additional-s%23new-answer', 'question_page');

      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      21














      You end up logged in to the jump host because your configuration explicitly says to ignore the hostname you specified and log in to the jump host.



       HostName jumphost.example.com


      HostName overrides the hostname specified on the command line.



      If you are trying to automatically use a jump host without having to specify it on the ssh command line, the correct config file option is ProxyJump. For example:



      Host everything, behind, jumphost, *.example.com
      ProxyJump jumphost.example.com


      Now you can just run ssh target.example.com and you will go through the jumphost.






      share|improve this answer





























        21














        You end up logged in to the jump host because your configuration explicitly says to ignore the hostname you specified and log in to the jump host.



         HostName jumphost.example.com


        HostName overrides the hostname specified on the command line.



        If you are trying to automatically use a jump host without having to specify it on the ssh command line, the correct config file option is ProxyJump. For example:



        Host everything, behind, jumphost, *.example.com
        ProxyJump jumphost.example.com


        Now you can just run ssh target.example.com and you will go through the jumphost.






        share|improve this answer



























          21












          21








          21







          You end up logged in to the jump host because your configuration explicitly says to ignore the hostname you specified and log in to the jump host.



           HostName jumphost.example.com


          HostName overrides the hostname specified on the command line.



          If you are trying to automatically use a jump host without having to specify it on the ssh command line, the correct config file option is ProxyJump. For example:



          Host everything, behind, jumphost, *.example.com
          ProxyJump jumphost.example.com


          Now you can just run ssh target.example.com and you will go through the jumphost.






          share|improve this answer















          You end up logged in to the jump host because your configuration explicitly says to ignore the hostname you specified and log in to the jump host.



           HostName jumphost.example.com


          HostName overrides the hostname specified on the command line.



          If you are trying to automatically use a jump host without having to specify it on the ssh command line, the correct config file option is ProxyJump. For example:



          Host everything, behind, jumphost, *.example.com
          ProxyJump jumphost.example.com


          Now you can just run ssh target.example.com and you will go through the jumphost.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Feb 16 at 16:44









          kasperd

          26.6k1251104




          26.6k1251104










          answered Feb 16 at 15:26









          Michael HamptonMichael Hampton

          172k27315642




          172k27315642























              2














              The problem is that the Host definition catches both jumphost.example.com AND target.example.com as aliases, it then sets HostName to jumphost.example.com in both cases.



              I would suggest making the aliases following the Host command NOT fully qualified domain names, then creating a Host entry for each






              share|improve this answer





























                2














                The problem is that the Host definition catches both jumphost.example.com AND target.example.com as aliases, it then sets HostName to jumphost.example.com in both cases.



                I would suggest making the aliases following the Host command NOT fully qualified domain names, then creating a Host entry for each






                share|improve this answer



























                  2












                  2








                  2







                  The problem is that the Host definition catches both jumphost.example.com AND target.example.com as aliases, it then sets HostName to jumphost.example.com in both cases.



                  I would suggest making the aliases following the Host command NOT fully qualified domain names, then creating a Host entry for each






                  share|improve this answer















                  The problem is that the Host definition catches both jumphost.example.com AND target.example.com as aliases, it then sets HostName to jumphost.example.com in both cases.



                  I would suggest making the aliases following the Host command NOT fully qualified domain names, then creating a Host entry for each







                  share|improve this answer














                  share|improve this answer



                  share|improve this answer








                  edited Feb 16 at 16:43









                  kasperd

                  26.6k1251104




                  26.6k1251104










                  answered Feb 16 at 15:23









                  NanzikambeNanzikambe

                  2365




                  2365



























                      draft saved

                      draft discarded
















































                      Thanks for contributing an answer to Server Fault!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid


                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.

                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function ()
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f954281%2fhow-to-ssh-directly-to-target-via-jumphost-using-ssh-config-without-additional-s%23new-answer', 'question_page');

                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown






                      Popular posts from this blog

                      How to check contact read email or not when send email to Individual?

                      Displaying single band from multi-band raster using QGIS

                      How many registers does an x86_64 CPU actually have?