Comment by haolez

Comment by haolez 10 months ago

3 replies

Kind of related, but I was wondering if there is some kind of redirect functionality in SSH itself. Something like:

- A wants to SSH into B

- B tells A that it must connect to C instead

- A transparently connects to C directly

- B is not a part of the critical data path anymore

Does something like this exist?

bongodongobob 10 months ago

I think you could do that with a virtual IP. For some reason my firewall/router doesn't communicate DHCP option 67 correctly, it sends its own address no matter what I do so I had to set up a a virtual IP/rule to route all PXE boot traffic on whatever port that is going to the routers IP, over to the real PXE boot server instead.

shmerl 10 months ago

It would be misleading if A doesn't know that the real target is C.

Otherwise you can use jump functionality

From A:

    ssh -J B C
If B doesn't need to be part of the path, just connect to C directly if it's doable. If it's not, then B will have to be a hop either way.
lytedev 10 months ago

B could port forward (as in route packets?) to C, but I don't think there are any HTTP Permanent Redirect equivalents, no.

Maybe you can explain the problem more and perhaps there's a more suitable solution?

If you have a host that's somewhat embedded, you can have DNS handle the "routing" for you. You will have to handle fingerprint verification.