ssh tunnelling chain

Marcus · Jun 18, 2009 · Viewed 16k times

Here is the scenario:

I am trying to get scp access to server3, but there is only public ssh access to server1. To ssh to server3, I have to ssh to server1, ssh to server2, then ssh to server3.

My hopeful end result would be that I could WinSCP to localhost:8022 and it will give me file access to server3.

I am trying to use ssh tunnels, but through all the tutorials and questions I have read, none seem to work for this scenario.

I am using PuTTY on Windows.

Any suggestions would be truly helpful. Thank you.

Answer

ephemient · Jul 13, 2009

In OpenSSH, I use this setup when I need tunnels. This allows me to directly type sftp server3 without having to worry about manually starting the server2 and server1 tunnels first.

    # ~/.ssh/config

    # to connect to server2, tunnel through server1
    Host server2
        ProxyCommand ssh server1 nc %h %p

    # to connect to server3, tunnel through server2
    Host server3
        ProxyCommand ssh server2 nc %h %p

To be more complete, I usually use

    ssh -oCiphers=arcfour128,arcfour256,arcfour,blowfish-cbc -oControlMaster=no -oForwardX11=no -oForwardAgent=no -oPermitLocalCommand=no -oClearAllForwardings=yes server1 nc %h %p

as the ProxyCommand.

  • The ssh connection being tunneled is already encrypted, so there's no point in using the heavier aes/3des for the outer layer; arcfour and blowfish are faster.
  • The rest of the -o**** settings are out of paranoia, so that nothing breaks even if a Host server1 stanza with really odd settings is added to ssh_config.

Similarly, you can configure PuTTY to use the proxy command plink -P %proxyport -pw %pass %user@%proxyhost nc %host %port, and set the proxy hostname/port/user/password in the Connection/Proxy configuration pane accordingly. plink and the rest of the PuTTY suite (pscp, psftp, etc.) load anything saved in PuTTY's graphical configuration; hopefully WinSCP does too. (I don't use it, so I'm not too familiar with its features.)
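The chain from the answer and the localhost:8022 goal from the question, as an added example that is not part of the original answer: it generalizes the two stanzas to any number of hops and uses `ssh -W` (OpenSSH 5.4 and later) in place of `nc`, so netcat is not needed on the intermediate hosts. The cipher override is left out because arcfour and blowfish were removed in OpenSSH 7.6; the function names, the host-name check and the assumption that server3's sshd listens on port 22 are mine.

```shell
#!/bin/sh
# Added example, not from the original answer. Host names (server1..server3)
# and local port 8022 come from the question; everything else is assumed.

# chain_config HOP... TARGET
# Emit ssh_config stanzas so each host is reached through the one before it.
# "ssh -W" already implies ClearAllForwardings; the remaining -o options are
# the answer's safeguards against odd settings in an existing Host stanza.
chain_config() {
    prev=
    for host in "$@"; do
        # Reject names that ssh could parse as an option or that would
        # inject extra lines into the generated config.
        case $host in
            -*|*[!A-Za-z0-9._-]*|'')
                echo "bad host name: $host" >&2
                return 1 ;;
        esac
        printf 'Host %s\n' "$host"
        if [ -n "$prev" ]; then
            printf '    ProxyCommand ssh -W %%h:%%p -oControlMaster=no -oForwardX11=no -oForwardAgent=no -oPermitLocalCommand=no %s\n' "$prev"
        fi
        printf '\n'
        prev=$host
    done
}

# tunnel_command TARGET LOCAL_PORT
# Print the command that exposes TARGET's sshd (assumed on port 22) on a
# local port bound to loopback only, so other machines cannot use the tunnel.
tunnel_command() {
    printf 'ssh -N -L 127.0.0.1:%s:localhost:22 %s\n' "$2" "$1"
}

# Print the config for the three-server chain and the matching tunnel command.
chain_config server1 server2 server3
tunnel_command server3 8022
```

Append the generated stanzas to ~/.ssh/config, run the printed tunnel command, and point the SFTP client at localhost:8022.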