Hi,
I’m currently using sshpiper (GitHub - tg123/sshpiper: The missing reverse proxy for ssh scp) to reverse proxy SSH into different target machines. The reason for this is that I can easily create a user/key combo in sshpiper which will let anyone with the key use SSH straight to the target machine, which are on a private network.
Additionally, the SSH username connecting to sshpiper is different than the one in the target machine.
I want to also use this to allow me to manage certain things of the target machinery. I got it to work using
targets:
hosts:
host1.domain.bla:
ansible_ssh_extra_args: -l host1
ansible_port: 2222
ansible_host: mainmachine.domain.bla
host2.domain.bla:
ansible_port: 2222
ansible_host: mainmachine.domain.bla
ansible_ssh_extra_args: -l host2
host3.domain.bla:
ansible_port: 2222
ansible_host: mainmachine.domain.bla
ansible_ssh_extra_args: -l host3
Unfortunately, this means that SSH will be using ControlPersist against the main host (mainmachine.domain.bla), without keeping in mind that there might be different sessions being proxied.
I was hoping that I could perhaps play with additional extra_args to convince it not do do this specifically for these hosts, and not have to disable it for everything, but that doesn’t seem to work.
Is there a way to specify this?