My Raspberry PI is part of my tailnet.
I wanted to use it as a jump box to connect to some other Tailscale hosts from machines that aren't part of the tailnet.
This can be configured by editing
~/.ssh/config (see this link for more details):
1 Host * 2 ServerAliveInterval 60 3 4 Host raspberrypi 5 HostName 192.168.1.59 6 User mario 7 8 Host remote-host 9 HostName remote-host.domain.com 10 ProxyCommand ssh -W %h:%p raspberrypi
This works even better if I use key-based authentication.
~/.ssh/config I can tell where the keys are:
1 Host * 2 AddKeysToAgent yes 3 UseKeychain yes 4 IdentityFile ~/.ssh/id_ed25519
and then tell the Raspberry PI to trust it via
cat ~/.ssh/id_ed25519.pub | ssh username@remote_host "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"