1

I have looked all around but couldn't find the answer to a very simply question:

I would like to log into machine C from machine A, passing through machine B. However, B is slow, so I would also like my connection to C to be compressed/decompressed at C, tunneled through B, and decompressed/compressed at A.

What ssh command should I execute (in machine A) to get a prompt at machine C when:

  1. I am physically at machine A.

  2. I can use ssh to log directly...

    2.1. ... into machine B from A

    2.2. ... into machine C from B

  3. I cannot log into machine C from A directly

[EDIT]

This is not a duplicate because:

  1. I am not asking how to forward traffic in general, only an ssh connection, so there could be a different answer for the particular case of ssh forwarding through ssh
  2. I am asking for compression at the ends (as even the title mentions)
Improve this question
7
  • @bersch This is not a duplicate because this question is (currently) not limited to SSH (and SSH may not even be the best solution). Commented Mar 6, 2014 at 0:38
  • What does "through machine B" mean exactly? Is forwarding on IP level enough or is it required that you login to B first and create a new connection to C from there? Commented Mar 6, 2014 at 0:40
  • 1
    @bersch this is also not a duplicate because the OP specifically asks for compression details, the dupe just explains tunnels. Commented Mar 6, 2014 at 2:00
  • @HaukeLaging, this is an ssh question, but I want compression at the ends. Through machine B means "through some ssh process I own in machine B". For that I somehow have to login to B. Commented Mar 6, 2014 at 11:39
  • Also, this is not a duplicate because I want to tunnel an ssh connection, not traffic in general, and there could be a particular ssh solution for that. Commented Mar 6, 2014 at 11:54

1 Answer 1

Reset to default
2

Assuming you have:

  • A with ip address ip_A
  • B with ip address ip_B
  • C with ip address ip_C

From a first terminal connect to the B and set a tunnel to C on ssh (port 10022 is used for the tunnel but it can be anything else):

ssh ip_B -L10022:ip_C:22

Then from another terminal, you will be able to connect "directly" to C from A by using the tunnel you just set and you add some compression option to the ssh command if needed:

ssh localhost -p 10022 -o "Compression=yes" -o "CompressionLevel=9"

In the latest command, I set compression to maximum, but it can be tuned from 1 to 9, 9 being the highest, but also the slowest.

Improve this answer
5
  • This didn't work for me. I got this on the second terminal (when issuing the ssh localhost): ssh_exchange_identification: Connection closed by remote host; and at the same time, on the first terminal (sshed into B): channel 3: open failed: administratively prohibited: open failed Commented Mar 5, 2014 at 23:27
  • Seems you have firewall issues as well (I would assume on host B): SSH tunneling error - "channel 1: open failed: administratively prohibited: open failed” Commented Mar 6, 2014 at 0:09
  • ... or your sshd configuration (but I was not able to reproduce your error). Commented Mar 6, 2014 at 0:21
  • The problem was actually that I was using gateway aliases in place of ip_B and ip_C, and these actually refer to more than one physical machine. So these gateways need to block this kind of stuff, since you can be logged into one machine the 1st time and another one the 2nd. Once I chose particular machine IPs it worked. So thanks, your answer solved it :) Commented Mar 6, 2014 at 11:52
  • fwiw I found I had to add -4 (use ipv-4) to the first ssh command or I'd get the 'administratively prohibited' message (which appears on B). Commented Jul 12, 2019 at 13:22

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.