How does ssh ProxyCommand actually work?

ssh proxy ssh-tunnel

Solution 1:

3) A netcat tunnel is created from bastion.com to port 22 of final.com.

false, there's no netcat.

1) The user enters ssh final on localhost. This launches the parent ssh process
2) The parent ssh creates a child ssh with I/O redirected to pipes
3) The child ssh creates a connection to bastion.com.
4) The sshd process on bastion.com creates a tcp connection to final.com:22
5) An ssh channel is added to existing ssh connection between localhost and bastion.com
6) Parent ssh writes the handshake data to the pipe, the child ssh reads it from the pipe, sends via the ssh channel to sshd on bastion.com; sshd reads it and writes it to the socket connected to final.com. Similarly, the data is transmitted from final.com to localhost

Related

Domain Controller returns LDAP Referral for it's own domain
How can I assign an IP by MAC address in dhcpd
Benchmarking Azure's Premium Storage P30 Disks
remove tagged Docker image from private registry
Bash one-liner to atomically create a file if it doesn't exist
Azure portal rename resources
10/20/40Gbps nginx large files caching webserver [20Gbps reached]
Can I do something like Linked clones with Hyper-V?
Automatically mount SSD instance storage on AWS EC2 in Ubuntu 16.04
What are the steps to make the php mail() function work on ubuntu-server?
How to utilize spare workstation drive space for server storage/backup
How do I set the global PATH environment in a batch file?