Explanation of hosts/IP addresses and ports involved in implementation of jump host (port forwarding) with Paramiko


I am trying to set up a jump host connection with Paramiko.

These are the settings that I have in ~/.ssh/config:

Host jump.csail.mit.edu
  GSSAPIAuthentication yes
  GSSAPIKeyExchange yes
  VerifyHostKeyDNS yes
Host *.csail.mit.edu !jump.csail.mit.edu 128.52.* 128.30.* 128.31.*
  ProxyCommand ssh -W %h:%p jump.csail.mit.edu
  GSSAPIAuthentication yes
  GSSAPIDelegateCredentials yes
  GSSAPIKeyExchange yes

and it works if I connect from a Terminal.

I also found this code for a Paramiko jump host connection, and I wonder what I should set jumpbox_public_addr and jumpbox_private_addr to, based on the above ssh config settings?

import os
import paramiko

ssh_key_filename = os.getenv('HOME') + '/.ssh/id_rsa'

jumpbox_public_addr = '168.128.52.199'
jumpbox_private_addr = '10.0.5.10'
target_addr = '10.0.5.20'

jumpbox=paramiko.SSHClient()
jumpbox.set_missing_host_key_policy(paramiko.AutoAddPolicy())
jumpbox.connect(jumpbox_public_addr, username='root', key_filename=ssh_key_filename)

jumpbox_transport = jumpbox.get_transport()
src_addr = (jumpbox_private_addr, 22)
dest_addr = (target_addr, 22)
jumpbox_channel = jumpbox_transport.open_channel("direct-tcpip", dest_addr, src_addr)

target=paramiko.SSHClient()
target.set_missing_host_key_policy(paramiko.AutoAddPolicy())
target.connect(target_addr, username='root', key_filename=ssh_key_filename, sock=jumpbox_channel)

stdin, stdout, stderr = target.exec_command("ifconfig")
# stdout.read() returns bytes; decode before printing
for line in stdout.read().decode().splitlines():
  print(line)

target.close()
jumpbox.close()

Thank you!


Solution

  • jumpbox_public_addr is the address of your jump server, which should be jump.csail.mit.edu.

    jumpbox_private_addr (the src_addr parameter of Transport.open_channel) is the source address of the connection from jump.csail.mit.edu to your destination server. In general, you do not care about that (as you do not care about the source address and port of most TCP connections). And it definitely should not be port 22. The following should tell the server to use the defaults:

    src_addr = ("0.0.0.0", 0)
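
The answer's mapping applied to the question's ~/.ssh/config, as an added example that is not part of the original question or answer: it decides from the Host patterns whether a target goes through the jump host, builds the direct-tcpip channel arguments, and verifies host keys against known_hosts rather than using AutoAddPolicy. The helper names, the sample host names and the fnmatch-based approximation of ssh_config pattern matching are assumptions; `**auth` is forwarded unchanged to `SSHClient.connect` (for example `key_filename`).

```python
import fnmatch

JUMP_HOST = "jump.csail.mit.edu"  # the question's first Host block
# Patterns of the question's second Host line; "!" negates a pattern.
PROXIED = ["*.csail.mit.edu", "!jump.csail.mit.edu",
           "128.52.*", "128.30.*", "128.31.*"]


def needs_jump(host, patterns=PROXIED):
    """Approximate ssh_config Host matching: a negated match vetoes."""
    neg = [p[1:] for p in patterns if p.startswith("!")]
    pos = [p for p in patterns if not p.startswith("!")]
    if any(fnmatch.fnmatchcase(host, p) for p in neg):
        return False
    return any(fnmatch.fnmatchcase(host, p) for p in pos)


def channel_args(target, port=22):
    """Positional arguments for Transport.open_channel()."""
    dest_addr = (target, port)  # what the jump host dials, like -W %h:%p
    src_addr = ("0.0.0.0", 0)   # originator info only, per the answer
    return "direct-tcpip", dest_addr, src_addr


def connect_via_jump(target, username, **auth):
    """Return (target_client, jump_client or None); close in that order."""
    import paramiko  # imported lazily: the helpers above need no Paramiko

    def client():
        c = paramiko.SSHClient()
        c.load_system_host_keys()  # verify against ~/.ssh/known_hosts
        c.set_missing_host_key_policy(paramiko.RejectPolicy())
        return c

    tgt = client()
    if not needs_jump(target):
        tgt.connect(target, username=username, **auth)
        return tgt, None
    jump = client()
    jump.connect(JUMP_HOST, username=username, **auth)
    sock = jump.get_transport().open_channel(*channel_args(target))
    tgt.connect(target, username=username, sock=sock, **auth)
    return tgt, jump


if __name__ == "__main__":
    # Constructed host names; prints the plan without touching the network.
    for h in ("host.csail.mit.edu", "jump.csail.mit.edu", "128.30.1.5"):
        print(h, "via " + JUMP_HOST if needs_jump(h) else "direct",
              channel_args(h)[1:])
```

With RejectPolicy, both the jump host and the target need an entry in known_hosts before the first connection.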