Feature suggestion: Multi hop connections

[mgttlinger]

This could be relevant for accessing cluster machines through a gateway machine.

[sdowdy]

FWIW, here's what i do for 'ssh' connections ...

[~/.ssh/config]
Host    *!*
    LogLevel ERROR
    ProxyCommand $(h="%h";p="%p" ; echo ssh -o 'LogLevel=ERROR' -W ${h##*\!}:%p -l root ${h%%\!*})

Then, for pdsh, i do:

pdsh -lroot -w 'cluster-login-node!node[1-64]'

Just be sure you escape the '!' -- I have seen others use '+' as the hop-delimiter character.
I used to use '::' but found that 'scp' wouldn't support that, even though 'ssh' did.
NOTE:
:: (DECnet style gateway hops ;) )
! (bitnet style routing ;) )

Unfortunately, i haven't figure out if there's any way (i don't think so at this point), to use ProxyJump directive in a macro substitution way. It seems to only support hardcoded names, so you'd need one for every cluster login node (bleah).

You could also create a POSIX function like:

jpdsh() {  
    jumphost="${1:?JumpHost?}"
    hostspec="${2:?host-spec?}"
    shift; shift
    export PDSH_SSH_ARGS_APPEND="-J ${jumphost} -o stricthostkeychecking=no"
    pdsh -w "${hostspec}" "$@"
}

to leverage a dynamic value for the Jump Host.
(i put in stricthostkeychecking=no for my test, as there's no way to approve hostkey mismatch via JumpHost -- nor would you want to for N compute nodes :-( )

[sdowdy]

Oof, sorry, quick note, i actually use '!!' and edited the ssh config stanza only partially.
So, you'd need to replace the '!!' in the ProxyCommand entry with '!'. I had a '!' and a '!!' entry like this, and kinda forgot, but i think i used '!' for non-root, and '!!' for 'root'. I have a MUCH more complicated one that allows an arbitrary chain of "[user@]host..." specs, but never use it.
EDIT: fixed it via edit (i dont' use github much, and forgot i could)

[iavael]

Also you can use ProxyJump feature in relatively new openssh client