SSH via Jump Server in One Step
Its common to use bastion/bounce/jump machine to access machines in a separate security zone.
I have been doing it in two steps so far:
- ssh into bastion-machine with agent authentication forwarding
ssh -A <user>@<bastion-machine>
- then from bastion-machine ssh to the secure-machine:
ssh <user>@<secure-machine>
Recently, I learned that this can be done in a single step:
ssh -J <user>@<bastion-machine> <user>@<secure-machine>
Additionally, its also possible to do port-forwarding through the secure-machine in a single step. For example to forward requests to 5433
port of your local machine to 5432
of Postgres instance that is accessible only from the secure-machine:
ssh -J <user>@<bastion-machine> -L 5433:<postgres-machine>:5432 <user>@<secure-machine>