6

I'm trying to write a script that connect to a linux server by using an other one as a ProxyJump:

ssh -J root@proxyhost root@target

I have two different keys (actually ssh certificate) and I would like to tell ssh to use one for the proxy host and the other for the target. I know I could modify the ssh config for that but I would like to specify it on the command line so I don't have to rely on a valid ssh configuration.

So I'm looking for something like:

ssh -i proxyhostkey -J root@proxyhost -i targetkey root@target

The ssh man page of the -J options says (emphasis mine):

Note that configuration directives supplied on the command-line generally apply to the destination host and not any specified jump hosts. Use ~/.ssh/config to specify configuration for jump hosts.

Is it possible to do want I want ? Or do I have to ensure that the ~/.ssh/config file will be correct ?

Improve this question

1 Answer 1

Reset to default
7

No, you'll have to either

  • use two -i parameters and allow ssh to offer both keys to both servers (the order of -i versus -J doesn't matter);

  • or replace -J with a manual ProxyCommand:

    ssh target -oProxyCommand="ssh proxyhost -i ~/otherkey -W %h:%p" -i ~/thiskey
Improve this answer
1
  • I was running ssh in debug mode, I don't think -i gets used for the jump host key, unless you happened to use the default key and it just worked out that way - it was using the id_rsa from my .ssh/ dir, even though I specified a different path. What ssh version was this? Commented Sep 20, 2024 at 19:01

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.