Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
doku:vpn_ssh_access [2024/02/16 11:26] – Update TU Wien links mpfister | doku:vpn_ssh_access [2024/05/02 09:54] (current) – [Security issues] adding link to man sshd jz | ||
---|---|---|---|
Line 68: | Line 68: | ||
< | < | ||
- | Host vsc4.vsc.ac.at | + | Host vsc5.vsc.ac.at |
Port 27 | Port 27 | ||
+ | User vsc_username | ||
# ForwardAgent yes | # ForwardAgent yes | ||
IdentityFile id_rsa | IdentityFile id_rsa | ||
IdentitiesOnly yes | IdentitiesOnly yes | ||
# ForwardX11 yes | # ForwardX11 yes | ||
+ | </ | ||
+ | |||
+ | === Using a jump host === | ||
+ | A configuration for automatically using a jump host could look like this: | ||
+ | |||
+ | < | ||
+ | Host vsc5.vsc.ac.at vsc5 | ||
+ | User vsc_username | ||
+ | ProxyJump login.univie.ac.at | ||
+ | |||
+ | Host login.univie.ac.at | ||
+ | User uni_username | ||
</ | </ | ||
Line 79: | Line 92: | ||
* In theory it would be possible to create an ssh key without passphrase. However, the possession of this key would allow anyone from anywhere to open a connection. | * In theory it would be possible to create an ssh key without passphrase. However, the possession of this key would allow anyone from anywhere to open a connection. | ||
* Forwarding the ssh key as a standard procedure, e.g. by aliasing the ' | * Forwarding the ssh key as a standard procedure, e.g. by aliasing the ' | ||
- | * One of the worst security issues concerning ssh keys would be to create a passphrase-less ssh-key and copy the public key directly to the ' | + | * One of the worst security issues concerning ssh keys would be to create a passphrase-less ssh-key and copy the public key directly to the ' |