SSH Proxy Commands that use `sed`

Published June 9th, 2014

If you find yourself using a Bastion or Jump Server very often, you quickly become familiar with man ssh_config.

One trick I’ve recently figured out is using sed with a ProxyCommand — this lets me optionally use a bastion host by just appending .bast to a hostname. Most examples of using ProxyCommand apply it to all hosts, or a specific sub-domain, but this configuration allows you to late decide if you want to use the bastion or not.

Examples:

ssh myserver.example.com.bast ssh myserver.example.com

Place the following in your .ssh/config , with the appropriate changes for your environment:

Host bastion Hostname bastion-server.example.com ProxyCommand none User paul.examplesurname ControlMaster auto ControlPath ~/.ssh/master-%r@%h:%p Host *.bast ProxyCommand ssh -aY bastion 'nc -w 900 `echo %h | sed s/\\.bast$//` %p' ForwardAgent yes TCPKeepAlive yes ServerAliveInterval 300