A short introduction to our 2 following SSH-jumphost

 

To enhance our security a bit, normally, SSH is closed from outside of the ETH to our main network (82.130.102.0/23)

Please do use our VPN or our 2 following SSH-jumphost:

– j2tik.ethz.ch

ssh fingerprints:

256 SHA256:W43HEHZqTF+u8IPyFvsYyMUvqxd1B7b6+xCtrc4Q8fs jump2tik (ED25519)
2048 SHA256:+DeEXlFJELGTsjr7VN9vZZPJWZvLTNIpNMsqwHnpYUc jump2tik (RSA)
256 SHA256:ydLCtMZMprTnmiNqXVo0sk4QrEWw1vpLgiCxheAD2OQ jump2tik (ECDSA)

– j2tik2.ethz.ch

ssh-fingerprints (updated June 2023):

2048 SHA256:aTepmYZe67g8GgRVnjs/SAIPfE8gEWYP8PiZpmLQAsw jump2tik2 (RSA)
256 SHA256:nI4oMy+pzAhmaX5MYqHBVDXubT6vkaxlSvC0IC0gnfA jump2tik2 (ECDSA)
256 SHA256:yrLU8+L6XSA8ax0Zqf1Vz9/82jNfsoXAn/ARIBIPIsI jump2tik2 (ED25519)

 

Jumping is easy, you can simply type:
ssh -J yourethuser@j2tik.ethz.ch yourethuser@wantedhosttojumpto.ethz.ch

Or even put it to your SSH-config –> /home/yourhomedir/.ssh/config, so that you can directly type “ssh wantedhosttojumpto”.

First our jumphost “j2tik”. Directly reachable

“`
Host j2tik
HostName j2tik.ethz.ch
User yourethuser
IdentityFile ~/.ssh/your_ed25519key
“`

Host to jump to over our jumphost (j2tik.ethz.ch –> wantedhosttojumpto.ethz.ch)

“`
Host wantedhostojumpto
HostName wantedhosttojumpto.ethz.ch
User yourethuser
IdentityFile ~/.ssh/your_ed25519key
ProxyCommand ssh -q -W %h:%p j2tik
“`

Even more funny stuff

like pipe-lining proxies, directly exec software as a screen session and so on ;):
https://en.wikibooks.org/wiki/OpenSSH%2FCookbook%2FProxies_and_Jump_Hosts