While I work from my trustworthy Macbook Pro, everything in this tutorial should translate easily to any Unix-variant OS.
This document explains how to access a ssh-enabled server by using another server as a bridge. This may be relevant if you must access server S2, say, in order to to carry out some calculations, but S2 is only connected to a university network S1. From your home computer you would have to first ssh into S1 and then ssh into S2. This quickly becomes messy, when you wish to do anything remotely complicated like transferring files between different machines.
In the end of this tutorial you should be able to simply write
ssh S2. And then end up immediately in S2. Similarly you can use any ssh-based technology like the terminal-based
scp S2:file ., or drag-and-drop based solutions like MacFusion without ever thinking about the complicated two stage ssh-connection.
The ssh program must of course be installed on your home computer and both servers, and publickey authentication must be enabled.
You also need server names, usernames and passwords for both servers S1 and S2.
Set up password-less login
Generate public keys on your home computer, by issuing the command:
ssh-keygen -t rsa
Leave everything blank. If you wish, you can generate different keys for logging into S1 and S2, and in that case you should save the keys in different files likes
Move the generated keys to the server:
scp ~/.ssh/id_rsa.pub username1@S1:id_rsa.pub
.ssh directory and append the key to the
1 2 3 4 5
Repeat this procedure for S2, making sure to move the relevant files all the way through S1 first. Remember to delete the
id_rsa.pub file after you have added it to the
You should then be able to log in to S1 from your home computer without using your password. Test that this work seamlessly before moving on.
On your computer
~/.ssh/config file to manage your connections. In the config file you should put the following:
1 2 3 4 5 6 7 8 9 10 11 12 13 14
The variables S1nick and S2nick are some short nick names for the two servers. This is convenient because servernames tend to be long and tedious to type. If you are using a university network you could e.g. set S1nick to “uni” and S2nick to “calc”.
Now you can access S1 with the command
And server S2 with,