Home Posts Notes Now

SSH configuration


My Raspberry PI is part of my tailnet. I wanted to use it as a jump box to connect to some other Tailscale hosts from machines that aren't part of the tailnet. This can be configured by editing ~/.ssh/config (see this link for more details):

1Host *
2 ServerAliveInterval 60
4Host raspberrypi
5 HostName
6 User mario
8Host remote-host
9 HostName remote-host.domain.com
10 ProxyCommand ssh -W %h:%p raspberrypi

This works even better if I use key-based authentication.

In ~/.ssh/config I can tell where the keys are:

1Host *
2 AddKeysToAgent yes
3 UseKeychain yes
4 IdentityFile ~/.ssh/id_ed25519

and then tell the Raspberry PI to trust it via cat ~/.ssh/id_ed25519.pub | ssh username@remote_host "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"