SSH trick

A while ago, I wanted to copy some stuff from my laptop to a machine behind a proxying firewall.

Very quickly, I got sick of copying something to the firewall, logging in, then copying to the final machine, so I put together a small ssh proxy script that would log into the firewall for me when I requested the dest machine (sunshine), and then use nc to connect to sunshine.

But, the problem is that sometimes I carry my laptop into the house where ‘sunshine’ lives, so I extended it to become the script ssh-through-fw

With that script in an appropriate location, I add this to my ~/.ssh/config:

host sunshine

ProxyCommand $HOME/.install/bin/ssh-through-fw 192.168.1. user@firewall %h %p

Where 192.168.1. is the prefix of the IP range used in the network behind the firewall.

Now, when I am running remotely, connecting to sunshine happens through the firewall, but when I’m behind the firewall it connects directly to the machine without me thinking about it.