SSH configuration

2023-03-01

My Raspberry PI is part of my tailnet. I wanted to use it as a jump box to connect to some other Tailscale hosts from machines that aren't part of the tailnet. This can be configured by editing ~/.ssh/config (see this link for more details):

1 Host *
2   ServerAliveInterval 60
3 
4 Host raspberrypi
5   HostName 192.168.1.59
6   User mario
7 
8 Host remote-host
9   HostName remote-host.domain.com
10   ProxyCommand ssh -W %h:%p raspberrypi

This works even better if I use key-based authentication.

In ~/.ssh/config I can tell where the keys are:

1 Host *
2   AddKeysToAgent yes
3   UseKeychain yes
4   IdentityFile ~/.ssh/id_ed25519

and then tell the Raspberry PI to trust it via cat ~/.ssh/id_ed25519.pub | ssh username@remote_host "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

1	Host *
2	ServerAliveInterval 60
3
4	Host raspberrypi
5	HostName 192.168.1.59
6	User mario
7
8	Host remote-host
9	HostName remote-host.domain.com
10	ProxyCommand ssh -W %h:%p raspberrypi

1	Host *
2	AddKeysToAgent yes
3	UseKeychain yes
4	IdentityFile ~/.ssh/id_ed25519