1

I use Nginx to redirect my domains coming on port 80 to the correct virtual machines, now I'm wondering if I can do this with ssh on port 22. Redirect all ssh traffic to the correct guests through port 22?

Gilles 'SO- stop being evil'
  • 829,060
yakamok
  • 500
  • 1
  • 5
  • 11

2 Answers2

3

No, you can't do that. It works for HTTP, because the protocol supports name based virtual hosts. SSH doesn't.

mattdm
  • 40,245
3

You can do this through ssh's ProxyCommand facility. Add the following to your $HOME/.ssh/config file. Create it if it doesn't exist with just this content:

Host remoteserverX
    User userint
    ProxyCommand ssh userext@externalserver nc remoteserverX %p
Host remoteserverY
    User userint
    ProxyCommand ssh userext@externalserver nc remoteserverY %p

You then connect to the different internal remote servers like this:

$ ssh remoteserverX

-or-

$ ssh remoteserverY

This is the tip of the iceberg as far as this feature goes. Check out this U&L Q&A titled: SSH tunnel through middleman server - how to connect in one step (using key pair)?, for more details.

NOTE: The above method is making use of a tool called nc (netcat) which should be in any major distros' repositories.

This isn't exactly the same as Nginx's redirection, you're tunneling through the external system to get to the internal system, but it has a similar effect.

Complex examples

  1. One Host stanza, many hosts.

    Host *.mydom.com *
    ProxyCommand ssh externalserver nc %h %p

  2. One `Hosts stanza, for many users.

    Add the Hosts stanza to the system's /etc/ssh/ssh_config file so that anyone logging into the box can make use of it.

Community
  • 1
slm
  • 369,824
  • this is not practical for each user to have to do – yakamok Aug 10 '13 at 07:33
  • @yakamok - as I said this is the tip of the iceberg. You can make a more general rule that acts as a template so you can get into any system behind the main system. – slm Aug 10 '13 at 10:23