How can I simplify this?
Perhaps using agent forwarding?
I have an SSH jump host with 2FA via TOTP x2 and a machine which uses 2FA as well(jump host and machine):
ssh [email protected] -L 22222:my_machine.corp.com:22
# requires password + 2FA TOTP code
ssh myuser@localhost -p 22222
# requires password + 2FA TOTP code
How can I ideally simplify this (via SSH config or so) to simply call ssh myhost
and then if needed be asked for the 2FA and password 2x – but not having to connect 2x
Best Answer
You can use the
ProxyJump
option of the ssh client to achieve that:ssh -J [email protected] my_machine.corp.com
or as an entry in
~/.ssh/config
: