SSH: fully transparent passthrough from A through B to C

Question

I'd like to setup three hosts:

HostC - destination host. You can login to it as ssh UserC@HostC with private key.
HostB - "ambassador/proxy" for HostC. When you ssh to HostB (simply as ssh UserB@B with UserB private key, without any additional actions like ProxyCommand in the config), it should be full equivalent of sshing directly to HostC. Of course, HostB has private key needed to connect to HostC. I have full control over HostB itself.
HostA - host, from which we want to run ssh UserB@HostB and - via HostB - connect to destination HostC without even knowing beforehand about HostC.

There's almost the same questions here:

However, accepted answer there is to use ProxyCommand. This requires configuration on HostA, which is not desirable in my case.

Is such scenario at all possible? Thanks!

score 1 · Accepted Answer · answered Apr 07 '18 at 15:41

1

In /etc/ssh/sshd_config on HostB, you could write something like

ForceCommand ssh HostC

maybe prececed by a Match operator to select on certain users or source hosts or IP addresses. See man sshd_config for more details.

answered Apr 07 '18 at 15:41

Andrew Schulman

1 Answers1