I'm setting up a reverse proxy using Traefik. This works well, and results in a setup that supports the use of a URL (like https://backenddevice.domain.com) which then routes me to that backend device.
Question: Are there tools which allow a similar mechanism with SSH? E.g.:
- connect user@backenddevice.domain.com, where DNS magic points me at my single 'SSH proxy'
- SSH on my proxy accepts the login (maybe does LDAP or other)
- Connects me straight through to a specific onward device via telnet (or SSH) based on "backenddevice" being in the connect (I don't know if this is even passed when connecting via SSH)
- does not allow any interaction with the instance hosting the proxy (chroot jail also acceptable)
It would also be suitable to have user-backenddevice@domain.com, but the redirection/auth parsing would need to work somehow.
Inspired to ask by this question: "How can I create an SSH login that delegates to telnet securely" ... but I have x000's of onward destinations and I'm trying to tidy up my firewall etc. etc.!
Thanks for any magic!
ProxyCommand, ProxyJump for connecting to a jumpbox. But I am yet unsure whether this prohibits shell access on jumpbox. – cbugk Sep 13 '22 at 07:04
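
The `user-backenddevice` login form from the question could be split and checked like this before any onward connection is made, for instance in a wrapper that sshd runs as a forced command on the proxy. This is an added example, not code from the original post; the inventory, addresses and function names are constructed assumptions.

```python
import re
from typing import NamedTuple

# Constructed inventory: backend label -> (protocol, address). In practice
# this would be loaded from a file or a directory service (assumption).
BACKENDS = {
    "backenddevice": ("ssh", "10.0.0.21"),
    "core-sw-01": ("telnet", "10.0.0.22"),
}

# One DNS label: it must start with an alphanumeric character, so it can
# never begin with "-" and be read as an option by the onward client.
LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")
USER = re.compile(r"[a-z_][a-z0-9_]{0,31}")


class Route(NamedTuple):
    user: str
    protocol: str
    address: str


def resolve_login(login: str, backends=BACKENDS) -> Route:
    """Split 'user-backenddevice' and map the device to an allowed target.

    The user part may not contain '-', so the first '-' is the separator
    and device names that contain hyphens still parse unambiguously.
    """
    user, sep, device = login.partition("-")
    if not sep or not USER.fullmatch(user) or not LABEL.fullmatch(device):
        raise ValueError("malformed login name")
    if device not in backends:
        # Refuse anything outside the inventory instead of handing a
        # caller-supplied name to DNS or to a client command line.
        raise ValueError("unknown backend")
    protocol, address = backends[device]
    return Route(user, protocol, address)


def client_argv(route: Route) -> list[str]:
    """Argument vector for the onward client; no shell is involved."""
    if route.protocol == "ssh":
        return ["ssh", "-l", route.user, "--", route.address]
    return ["telnet", route.address]
```

The returned list is meant to be passed to `os.execvp` or `subprocess.run` without `shell=True`, so the login name is never interpreted by a shell on the proxy.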