How can I deploy to a remote server behind a jump host via SSH?

tats_u December 31, 2019

I have a application server that can be deployed only via a SSH jump host.

However, the feature updating SSH known hosts in the Pipelines seems to support only hosts accessible directly from the internet.

How can I fetch the SSH host key of servers behind jump hosts?

2 answers

0 votes
tats_u January 5, 2020

Step 2 of https://confluence.atlassian.com/bitbucket/use-ssh-keys-in-bitbucket-pipelines-847452940.html .

I can connect to the host only by `ssh target` the following SSH configuration (sensitive information is replaced)

Host target
User snip
HostName target.localnetwork.mydomain.example.snip
Identityfile ~/.ssh/id_ed25519_snip
ProxyJump jumphost
Host jumphost
User snip
HostName ssh-jumphost.mydomain.example.snip
Identityfile ~/.ssh/id_ed25519_snip

Assume hosts of *.localnetwork.mydomain.example.snip can't be accessed directly from outside of *.mydomain.example.snip .  Pipeline containers can access to ssh-jumphost.mydomain.example.snip .

0 votes
ktomk
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 5, 2020

To which feature of updating SSH known hosts in the Pipelines are you referring to? Can you provide a link? I just ask b/c it's not very clear to me which makes it hard to give concrete suggestions.

If you update known hosts unattended w/o providing a known good, this basically means that you ignore it anyway. If that is the case, you can disable the check / dev/null the known hosts file and disable the warning (StrictHostKeyChecking and UserKnownHostsFile options). This would be by SSH settings.

Still yet I can't say from your question which SSH options are accessible in your scenario. This can be done in the SSH config file or on the command line (e.g. ProxyCommand option).

But perhaps this helps you already.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events