What is a jump or bastion host? A bastion host is a machine specially locked down and fortified against internet-based attacks, which you connect through to reach machines that are only available on a backend or otherwise protected (DMZ, etc.) network.
The configuration is simple and only requires a few lines in your
In this instance, we want to proxy every host under svwh.net through jump1.svwh.net (with the exception of any hosts matching the jump*.svwh.net wildcard).
If you forget to exclude your jump hosts from the list of hosts that are proxied through the jump host, you may see an error like this:
If this is the case, make sure your jump host is listed on the Host line as a negation: !jump*.svwh.net. You should then see correct jump host functionality.
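The effect of the negation can be checked before connecting. The following is an added example, not code from the original page: a small evaluator for ssh_config Host lines that reports which jump host a given target would be routed through. It assumes the proxying is done with the ProxyJump directive (the page's own configuration is not shown), and db1.svwh.net is a hypothetical backend host.

```python
import re

# Constructed sample configs. ProxyJump is an assumed directive; the page's
# original configuration is not shown.
BROKEN = "Host *.svwh.net\n    ProxyJump jump1.svwh.net\n"
FIXED = "Host *.svwh.net !jump*.svwh.net\n    ProxyJump jump1.svwh.net\n"

def pattern_matches(pattern, host):
    """ssh_config wildcards: '*' is any run of characters, '?' exactly one."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    return re.fullmatch(regex, host) is not None

def host_line_applies(patterns, host):
    """A Host line applies if a positive pattern matches and no negated one does."""
    positive = False
    for p in patterns:
        if p.startswith("!"):
            if pattern_matches(p[1:], host):
                return False  # a negated match vetoes the whole Host block
        elif pattern_matches(p, host):
            positive = True
    return positive

def proxy_jump_for(config, host):
    """Return the ProxyJump value that applies to host (first match wins), or None.

    Simplified: ignores Match blocks, Include, keyword=value and quoted arguments.
    """
    active = True  # directives before the first Host line apply to every host
    for raw in config.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue
        keyword, args = words[0].lower(), words[1:]
        if keyword == "host":
            active = host_line_applies(args, host)
        elif keyword == "proxyjump" and active and args:
            return args[0]
    return None

def proxies_through_itself(config, host):
    """True when the connection to host would be routed via host itself."""
    return proxy_jump_for(config, host) == host

if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        for h in ("db1.svwh.net", "jump1.svwh.net"):  # db1 is hypothetical
            print(f"{name:6} {h:16} -> {proxy_jump_for(cfg, h) or 'direct'}")
```

With the broken Host line, jump1.svwh.net is routed through itself; with the negation added, it connects directly while db1.svwh.net still goes through the jump host.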
When your jump host configuration is working correctly, connections should look something like the following:
Bastion hosts can be an alternative to complicated VPN configurations, depending on your needs. There may be times when VPN configurations are better suited, but bastion hosts can be used to access most resources that may be available only on a private network. Users can port forward over and through the jump host and rsync between machines through it, and all this will happen automatically once your ~/.ssh/config file is configured properly.