ssh tunneling with hostname in /etc/hosts file

Question

I am trying to ssh to destination host via a jump box. Below is my config file entry

Host 172.* 
   User surendra
   IdentityFile ~/.ssh/id_rsa
   ProxyCommand ssh -q -A surendra@jump nc -q0 %h %p

This works fine when I SSH to destination box with IP address. But when i am trying to SSH with hostname this will not work.

Note: I made an entry in my /etc/hosts file as well.

Can someone please help how to configure the .ssh/config file so that i can ssh to destination box using the hostname by looking the hostname entry in my /etc/hosts file.

What does the name resolve to when you try? Does it show the correct ip? — Diamond, Sep 30 '16 at 10:07
since the hostname entry is in my localbox i.e.(/etc/hosts) it didn't resolve to anything. Note: We don't have a internal DNS to resolve the hostname. — suru1432002, Sep 30 '16 at 10:14
http://serverfault.com/questions/801395/use-of-alias-in-etc-hosts-or-ssh-config/801407#801407 — Zoredache, Sep 30 '16 at 14:19
Hi, In my case the /etc/hosts file is like this. 10.10.10.1 abc 10.10.10.2 xyz 10.10.10.3 pqr so what should be the Host naming section should be. — suru1432002, Oct 02 '16 at 07:18

Jakuje · Answer 1 · 2016-09-30T11:58:50.970

1

Use the -W:

Match exec grep %h /etc/hosts
    [...]
    ProxyCommand ssh -W  %h:%p -q -A surendra@jump

It will resolve the hostnames from your local machine and not from the jumpbox.

It will also check if your host is mentioned in the /etc/hosts.

edited Sep 30 '16 at 11:58

answered Sep 30 '16 at 10:53

Jakuje

9,715
2
42
45

It's not working. I have the hostname entry in /etc/hosts file but when i use nslookup command it's not resolving. So even if i use -W option how come it will get resolve. – suru1432002 Sep 30 '16 at 11:42
You certainly need to adjust the `Host` block to match your hostname you are using. It is using what you write on the commandline, not what was resolved. – Jakuje Sep 30 '16 at 11:44
So what should be Host block name if i want to use the hostname as well as IP. – suru1432002 Sep 30 '16 at 11:47
`Host 172.* your_magic_hostname` – Jakuje Sep 30 '16 at 11:48
I have some 100+ hosts, I can't add all of them any alternate way to do this. – suru1432002 Sep 30 '16 at 11:49
So you can create `exec` rule in `Match`, for example `Match exec grep %h /etc/hosts` – Jakuje Sep 30 '16 at 11:52
so do i need to place this line Match exec grep %h /etc/hosts in my .ssh/config file – suru1432002 Sep 30 '16 at 11:57

score 1 · Answer 2 · answered Jul 28 '17 at 07:10

Another way to workaround this is to make hostname/ip mapping entries on both your local machine and on the jumpbox /etc/hosts file.

Ex. Let us assume that the machine you are trying to proxy into is 10.xx.yy.zz and you want to provide an user friendly name appserver.mycompany.com and Your Jumpbox is jumpbox.mycompany.com.

1) On your localhost /etc/hosts, make a following entry

10.xx.yy.zz appserver.mycompany.com

2) On your jumpbox's /etc/hosts, make a following entry

10.xx.yy.zz appserver.mycompany.com

Now that both your local machine and your jumpbox will be able to resolve the user friendly name to the actual IP and your ssh proxy should work with following configuration

Host appserver.mycompany.com
   User surendra
   IdentityFile ~/.ssh/id_rsa
   ProxyCommand ssh -A surendra@jumpbox.mycompany.com -W %h:%p

ssh tunneling with hostname in /etc/hosts file

2 Answers2