|Brendan Abolivier 3f5c4a73e1 s/proxy/bastion/g||7 months ago|
|LICENSE||7 months ago|
|README.md||7 months ago|
|salt-ssh-bastion-wrapper.sh||7 months ago|
When passed a hostname, salt-ssh will try to look it up in a roster file instead of looking it up, or checking its OpenSSH configuration.
When passed an IP address, it will directly connect with the host, but if you try to reach a host in your company's network that's behind a SSH bastion, you'll have to specify the specific OpenSSH configuration for the host, each and every time, unless you can afford having a host rule in your OpenSSH configuration (which might not always be the case, given the restrictions for addressing in a local network).
You can call this script as you would call
salt-ssh, and pass it a FQDN in the domain of a local network that's behind a bastion. It will look up the proxy configuration in OpenSSH's configuration, lookup the IP address for that FQDN by SSH'ing to the bastion and calling
dig, then call
salt-ssh with the right proxy option and IP address.
digbinary in the user's