I agree with Tood, that setting up a propper ~/.ssh/config should be the way to
do this. something like ...
Host jumphost
HostName jumphost.blub.com
User username
PreferredAuthentication publickey
IdentityFile ~/.ssh/demo.ed25519
Host internal-target
Hostname target.blub.com
ProxyJump jumphost
User username
PreferredAuthentication publickey
IdentityFile ~/.ssh/demo.ed25519
... should do it I believe
> On 04/02/2023 10:51 PM CEST Todd Zullinger <[email protected]> wrote:
>
>
> Will McDonald wrote:
> > https://www.jeffgeerling.com/blog/2022/
> > using-ansible-playbook-ssh-bastion-jump-host
>
> Odd that uses ProxyCommand in `ansible_ssh_common_args` and
> not the far simpler ProxyJump, which it does mention in the
> ~/.ssh/config method. The `-J` shortcut for that is even
> better.
>
> Perhaps it does that to illsutrate a more complex use case,
> where the bastion runs on a different port, but if you're
> not doing that, it's likely simpler to skip it and use the
> `-J` argument.
>
> I would expect (but have not tested) this works:
>
> ansible_ssh_common_args='-J $your_bastion_hostname'
>
> ProxyJump / -J was added in OpenSSH-7.3 -- so it's surely on
> any host folks would be using as an ansible control host.
>
> --
> Todd
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/ZCnqsTK-z1LKdm05%40pobox.com.
---
gunnar wagner | fichtestr. 1, 19386 lübz | fon: 0176 7808 9090
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/404677238.549090.1680500565843%40office.mailbox.org.
