Channel: linuxadmin: Expanding Linux SysAdmin knowledge

Trying to SCP using a bastion server


Okay so I'm looking for a way to script copying files to and from a number of remote hosts behind a bastion (jump) server. I've been trying to use the ProxyCommand option, but so far all it does is throw errors. I can successfully tunnel through the bastion via SSH, just having trouble with SCP.

Ok so I have my source system, 1 jump host and 16 servers behind said jump box. I need to be able to script copying a file to each of these systems, execute the script that was copied and then scp the results back to the initiating system. The jump box and 16 systems behind it are running in AWS, I am connecting to them via a VPN tunnel to our corporate network. To help visualize it better...

Step 1: SCP Local -> Jump -> Remote
Step 2: SSH execute script on destination (works fine).
Step 3: SCP Local <- Jump <- Remote

I have tried creating a tunnel to run SCP through by doing "ssh -L 9999:host2:22 user@host1" but this opens a shell to the host1 system making scripting difficult. I tried throwing it into the background but the process stops when not in the foreground. The other problem is scripting the creation and removal of this tunnel for each of the 16 systems. I also tried doing the SCP via the following command:

scp -i ~/.keys/sharedkey.pem -o "ProxyCommand ssh -W %h:%p -i ~/.keys/sharedkey.pem user@jumpbox" /opt/localfiletocopy user@remote:/opt/remotedestination 

I get the following error:

channel 0: open failed: administratively prohibited: open failed
ssh_exchange_identification: Connection closed by remote host
lost connection

Finally I have also seen some suggestions to use .ssh/config to set some things up but unless absolutely necessary I'd rather not complicate things by having to maintain additional files. It should be possible to do this from a single line command. Please, any suggestions/comments are welcome.

submitted by /u/stew933
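
The three steps from the post as one script with no ~/.ssh/config, added here as an example and not part of the original post. Host names, the /opt paths and the results directory are placeholders. It assumes the remote host keys are already in known_hosts and that the jump host's sshd allows TCP forwarding for this user, which ssh -W requires (a refusal there is reported as "open failed: administratively prohibited").

```sh
#!/bin/sh
# Added example. Host names, paths and the result-file layout are assumptions.
KEY="${KEY:-$HOME/.keys/sharedkey.pem}"   # key path as used in the post
JUMP="${JUMP:-user@jumpbox}"              # bastion login
REMOTE_USER="${REMOTE_USER:-user}"        # login on the hosts behind it
DRY_RUN="${DRY_RUN:-1}"                   # 1 = print commands, 0 = execute

# ProxyCommand value: ssh on the bastion relays stdio to %h:%p (-W), no shell.
proxy_opt() {
    printf 'ProxyCommand=ssh -i %s -o BatchMode=yes -W %%h:%%p %s' "$KEY" "$JUMP"
}

# Execute the command, or in dry-run mode print it (display only, unquoted).
run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# via_jump scp|ssh ARGS...: same key and proxy for both tools.
via_jump() {
    tool=$1; shift
    run "$tool" -i "$KEY" -o BatchMode=yes -o "$(proxy_opt)" "$@"
}

# process_host HOST SCRIPT RESULT OUTDIR: copy, execute, fetch; stop on error.
process_host() {
    h=$1; script=$2; result=$3; outdir=$4
    via_jump scp "$script" "$REMOTE_USER@$h:$script" &&
    via_jump ssh "$REMOTE_USER@$h" "sh $script" &&
    via_jump scp "$REMOTE_USER@$h:$result" "$outdir/$h.result"
}

# process_all SCRIPT RESULT OUTDIR HOST...: returns the number of failed hosts.
process_all() {
    script=$1; result=$2; outdir=$3; shift 3
    failed=0
    for host in "$@"; do
        process_host "$host" "$script" "$result" "$outdir" || {
            echo "FAILED: $host" >&2
            failed=$((failed + 1))
        }
    done
    return "$failed"
}

# Example: DRY_RUN=0 sh copyjob.sh /opt/job.sh /opt/job.out ./results host2 host3
if [ "$#" -ge 4 ]; then process_all "$@"; fi
```

With DRY_RUN left at 1 the script only prints the scp and ssh command lines, which is a quick way to check the ProxyCommand string before touching any host.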
