Method 1: Forced Command

Using publickey authentication, a command can be associated with the key. Generate the public key in the normal way ( keygen ) and copy it to the gatway host. Create an authorisation file and associate the command with it.

i.e. with OpenSSH on the gateway host, edit ~/.ssh/authorized_keys adding:

command="ssh -l user1 targethost" key

with SSH edit ~/.ssh2/authorization adding:

 command="ssh -l user1 targethost"

Method 2: SSH in SSH

On the client execute:

ssh -L2001:targethost:22 gatewayhost

In another shell enter:

ssh -p 2001 localhost

You will now get tunnelled through to the target host. If you specify X11 forwarding on the second ssh connection, X11 forwarding will work as normal.

Recent Changes