by mlyle 1613 days ago
I suggest:

   AllowAgentForwarding no
   AllowTcpForwarding yes
   X11Forwarding no
   PermitTunnel no
   GatewayPorts no
   PermitOpen *:22
   ForceCommand echo 'Nope'
Then:

    ssh -J user@bastion finaluser@finalhost
You can nicely use your local agent, etc. Bastion is relatively hardened. Etc.
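
One way to check a bastion's `sshd_config` against the settings suggested in the comment above (an added example, not part of the original comment). It assumes whitespace-separated `Keyword value` lines and no `Include` files, and it treats everything from the first `Match` line onward as non-global; the sample config is constructed.

```python
# Bastion profile from the comment: forwarding only, and only to port 22.
EXPECTED = {
    "allowagentforwarding": "no",
    "allowtcpforwarding": "yes",
    "x11forwarding": "no",
    "permittunnel": "no",
    "gatewayports": "no",
    "permitopen": "*:22",
}

def effective_globals(text):
    """Return {keyword: value} for global directives.
    sshd keeps the first value it reads for a keyword, so later duplicates are ignored."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()          # keywords are case-insensitive
        if key == "match":
            break                       # assumption: Match blocks are not evaluated here
        seen.setdefault(key, parts[1].strip() if len(parts) > 1 else "")
    return seen

def audit(text):
    """Return a list of deviations from the bastion profile (empty list = compliant)."""
    cfg = effective_globals(text)
    findings = []
    for key, want in EXPECTED.items():
        got = cfg.get(key)
        if got is None:
            findings.append(f"{key}: not set (sshd default applies), want {want}")
        elif got.lower() != want:
            findings.append(f"{key}: {got}, want {want}")
    if not cfg.get("forcecommand"):
        findings.append("forcecommand: not set, login sessions get a shell")
    return findings

# Constructed sample: X11Forwarding is set twice, GatewayPorts only inside a Match block.
SAMPLE = """AllowAgentForwarding no
allowtcpforwarding yes
X11Forwarding yes
X11Forwarding no
PermitTunnel no
PermitOpen *:22
ForceCommand echo 'Nope'
Match User admin
    GatewayPorts no
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "compliant")
```
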