ssh gateway which can proxy to upstream servers based on user name?

ssh

Every user has a dedicated machine, but is not exposed to the outside world. The 'gateway' is the only system that is exposed.

The user has no idea of this setup. He just does ssh username@gateway which should be equivalent to ssh [email protected].

Can we configure a gateway sshd with which we can achieve this? Each machine has a single user. So, there can't be any confusion in determining the upstream server.


Solution 1:

Setting up

Match group proxyUsers
  ForceCommand /bin/connect_to_user_machine

and having /bin/connect_to_user_machine

#!/bin/bash
ssh $USER@$USER.internal $SSH_ORIGINAL_COMMAND

will do the job

Related

How do I restore a partimage image to a smaller drive?
Windows Hosts DNS query for _ldap._tcp.domaincontroller, is this normal?
How do I remove a DS record from my parent zone using Amazon Route 53?
How to override one entry in a bind9 view?
Cisco VPN Client Behind ASA 5505
How to force CentOS yum to use a later version of a package dependency already installed (php-common as a dependency of php-xml)
Tomcat suddenly shuts down on its own
Windows takes long to access other PCs over network
Innodb one file per tablespace
What is the solid Windows Server 2008 VPS hosting (preferably) in Europe? [closed]
Port redirection with iptables to localhost / blocking the destination port
Unable to unlock account in AD