SSH Bouncing

SSH bouncing is a method of getting end to end encrypted access to hosts behind restrictive firewalls. ssh hostA 'ssh hostB' isn't much good, because it doesn't provide end to end encryption. All it really does is login to the second host automatically. SSH bouncing tunnels one SSH connection inside the other to create a full connection to the firewalled host. It could also be done with local SSH port forwards, but this method is simpler, and doesn't require two terminals - one to set up the forward, and the other to SSH to the firewalled host.

hostA is firewall or internet facing host.
hostB is behind firewall.

Stick the following in your .ssh/config file:

Host hostB
Hostname hostB.local
User hostBuser
ProxyCommand ssh hostAuser@hostA /bin/nc -w 1 hostB.local 22

To log into your remote host, simply type ssh hostB

3 thoughts on “SSH Bouncing

  1. I need a clarification. Do you mean that using the bouncing method, data won't be decrypted and re-encrypted at each server in the chain, as normal? It's truly encrypted from the start of the chain to the end?

    • Hi.

      Yup. Truly encrypted from start to end.

           SSH in SSH          SSH
       __              __              __ 
      |==|------------|==|            |==|
      |  |============================|  |
      |__|------------|__|            |__|
      You            Bouncer       Destination


Leave a Reply