this post was submitted on 14 Feb 2024
5 points (77.8% liked)

DevOps

1685 readers
3 users here now

DevOps integrates and automates the work of software development (Dev) and IT operations (Ops) as a means for improving and shortening the systems development life cycle.

Rules:

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 1 year ago
MODERATORS
 

Trying to do a couple things. I have 2 jump hosts I can use to get into my cluster login node. From my laptop to the jump hosts is password. From jump hosts to login node can be key-based, so if I do it all from CLI:

[me@home ~]$ ssh user@jump1
Password:
[user@jump1 ~]$ ssh user@login1
[user@login1 ~]$ 

Same process if I use jump2.

So first thing I'm trying to do is set up my ~/.ssh/config to use the ProxyJump host and key file to get to login1. I have the following:

Host jump1
  Hostname jump1.domain
Host jump2
  Hostname jump2.domain
Host login1
  Hostname login1.cluster
  ProxyJump jump1
  #ProxyJump jump2

I'm not sure how to configure the IdentityFile entries for each jump host. The user on the jump hosts has different id_rsa keys in ~/.ssh, but both are in the authorized_keys file on login1.

Second thing I'm trying to do is join or start a tmux session. From CLI, I can run:

tmux has-session -t mysession || tmux new -s mysession && tmux a -t mysession

I've learned that to just join a running session (tmux a -t mysession), I need to include "RequestTTY yes" in my ssh config entry for login1. What I can't get working is the conditional statement that will fire up a new tmux session if it doesn't already exist.

top 3 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 9 months ago (1 children)

To join or create a session in tmux try: tmux new -As mysession. The -A makes new attach to a session if it already exists.

Using a proxyjump host in ssh doesn't quite work like that. It effectively logs into the jump host, then forwards a port to the target server and logs you in via that. So you need to put the public key from your machine in the authorized_keys file on both the jump hosts (jump1 and jump2) and the target server (login1).

Let me know if that's not clear, I'm not sure I interpreted your question correctly.

[–] [email protected] 1 points 9 months ago

Thanks! That worked. Didn't know about the "-A" option for new.

[–] [email protected] -2 points 9 months ago

this is a lot of text, but the important part, an error message, is missing.