The file ~/.ssh/jjacobs-s1t.config
This is an instance of a user-specific file to create the linkage from server-1p to server-1t. It currently hops to usno-serv-1 then to gygax and finally to server-1p. The ssh command is run by root so it can modify the files on server-1p but it needs to use admin to log into usno-serv-1, then the appropriate NRAO user to get into gygax and finally as admin on server-1t.
There will need to be one of these files per NRAO administrator since each will use their NRAO account to get onto gygax.
# Configuration file used to get patches from server-1t via rync.
#
# As configured it hops from server-1p to usno-serv-1 to gygax to server-1t.
# First it will ask for the user's NRAO password to get access to gygax
# and then it will ask for the admin password to get into server-1t.
#
# When server-1p gets its own VPN connection back to NRAO then this can
# be simplified.
#
# It can also be used to ssh or scp to s1t by simply doing
#
# ssh -F ~/.ssh/This-File server-1t
#
# scp -F ~/.ssh/jjacobs-s1t.config server-1t:pathToFiles patchHere (for example)
Host server-1t
HostName usno-server-1t-ext.aoc.nrao.edu
ProxyJump gygax
User admin
IdentityFile ~/.ssh/id_rsa
StrictHostKeyChecking no
Host serv-1p
HostName usno-serv-1.usno.nrao.edu
IdentityFile ~/.ssh/id_rsa_admin
User admin
StrictHostKeyChecking no
Host gygax
HostName gygax.aoc.nrao.edu
ProxyJump serv-1p
User jjacobs
StrictHostKeyChecking no
--
JimJacobs - 2020-06-17