Conexión remota A->B->C con SSH (~/.ssh/config)

conectar desde A a C (que no es accesible directamente por A) a través de B usando SSH

• conectamos desde nuestra máquina local a bastion (A)
• conectaremos a la máquina C a través de A, según marca la configuración del fichero

• https://superuser.com/questions/1140830/ssh-agent-forwarding-using-different-usernames-and-different-keys
• https://serverfault.com/questions/337274/ssh-from-a-through-b-to-c-using-private-key-on-b
• https://acloud.guru/forums/aws-certified-solutions-architect-associate/discussion/-L0Y3TE-GaOtkoeslVq1/how_to_ssh_into_a_private_inst

• ficheros para crear 2 contenedores con servicio SSH
• hay que generar 2 keys y usar ssh-copy-id para cada uno de ellos

docker-compose.yml

version: '3.6'
 
services:
 
  bastion:
    image: gotechnies/alpine-ssh 
    ports:
      - '2345:22'
    container_name: bastion
    networks:
      bastion-network:
        ipv4_address: 172.23.0.2
 
  gargamex:
    image: gotechnies/alpine-ssh
    ports:
      - '3456:22'
    container_name: gargamex
    networks:
      bastion-network:
        ipv4_address: 172.23.0.3
 
networks:
  bastion-network:
    name: bastion-network
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 172.23.0.0/24

.ssh/config

Host gargamex
    Hostname 172.23.0.3
    User root
    ProxyCommand ssh bastion -W %h:%p
    ForwardAgent yes
    IdentityFile /home/mate/Docker/bastion/gargamex-key 
 
Host bastion
    #ForwardAgent yes
    HostName 172.23.0.2
    User root
    ProxyCommand none
    IdentityFile /home/mate/Docker/bastion/bastion-key