A short introduction to our 2 following SSH-jumphost
To enhance our security a bit, normally, SSH is closed from outside of the ETH to our main network (82.130.102.0/23)
Please do use our VPN or our 2 following SSH-jumphost:
– j2tik.ethz.ch
ssh fingerprints:
256 SHA256:W43HEHZqTF+u8IPyFvsYyMUvqxd1B7b6+xCtrc4Q8fs jump2tik (ED25519)
2048 SHA256:+DeEXlFJELGTsjr7VN9vZZPJWZvLTNIpNMsqwHnpYUc jump2tik (RSA)
256 SHA256:ydLCtMZMprTnmiNqXVo0sk4QrEWw1vpLgiCxheAD2OQ jump2tik (ECDSA)
– j2tik2.ethz.ch
ssh-fingerprints (updated June 2023):
2048 SHA256:aTepmYZe67g8GgRVnjs/SAIPfE8gEWYP8PiZpmLQAsw jump2tik2 (RSA)
256 SHA256:nI4oMy+pzAhmaX5MYqHBVDXubT6vkaxlSvC0IC0gnfA jump2tik2 (ECDSA)
256 SHA256:yrLU8+L6XSA8ax0Zqf1Vz9/82jNfsoXAn/ARIBIPIsI jump2tik2 (ED25519)
Jumping is easy, you can simply type:
ssh -J yourethuser@j2tik.ethz.ch yourethuser@wantedhosttojumpto.ethz.ch
Or even put it to your SSH-config –> /home/yourhomedir/.ssh/config, so that you can directly type “ssh wantedhosttojumpto”.
First our jumphost “j2tik”. Directly reachable
“`
Host j2tik
HostName j2tik.ethz.ch
User yourethuser
IdentityFile ~/.ssh/your_ed25519key
“`
Host to jump to over our jumphost (j2tik.ethz.ch –> wantedhosttojumpto.ethz.ch)
“`
Host wantedhostojumpto
HostName wantedhosttojumpto.ethz.ch
User yourethuser
IdentityFile ~/.ssh/your_ed25519key
ProxyCommand ssh -q -W %h:%p j2tik
“`
Even more funny stuff
like pipe-lining proxies, directly exec software as a screen session and so on ;):
https://en.wikibooks.org/wiki/OpenSSH%2FCookbook%2FProxies_and_Jump_Hosts