Trying to do a couple things. I have 2 jump hosts I can use to get into my cluster login node. From my laptop to the jump hosts is password. From jump hosts to login node can be key-based, so if I do it all from CLI:

[me@home ~]$ ssh user@jump1
Password:
[user@jump1 ~]$ ssh user@login1
[user@login1 ~]$ 

Same process if I use jump2.

So first thing I’m trying to do is set up my ~/.ssh/config to use the ProxyJump host and key file to get to login1. I have the following:

Host jump1
  Hostname jump1.domain
Host jump2
  Hostname jump2.domain
Host login1
  Hostname login1.cluster
  ProxyJump jump1
  #ProxyJump jump2

I’m not sure how to configure the IdentityFile entries for each jump host. The user on the jump hosts has different id_rsa keys in ~/.ssh, but both are in the authorized_keys file on login1.

Second thing I’m trying to do is join or start a tmux session. From CLI, I can run:

tmux has-session -t mysession || tmux new -s mysession && tmux a -t mysession

I’ve learned that to just join a running session (tmux a -t mysession), I need to include “RequestTTY yes” in my ssh config entry for login1. What I can’t get working is the conditional statement that will fire up a new tmux session if it doesn’t already exist.

  • @[email protected]
    link
    fedilink
    29 months ago

    To join or create a session in tmux try: tmux new -As mysession. The -A makes new attach to a session if it already exists.

    Using a proxyjump host in ssh doesn’t quite work like that. It effectively logs into the jump host, then forwards a port to the target server and logs you in via that. So you need to put the public key from your machine in the authorized_keys file on both the jump hosts (jump1 and jump2) and the target server (login1).

    Let me know if that’s not clear, I’m not sure I interpreted your question correctly.

    • d00phyOP
      link
      English
      19 months ago

      Thanks! That worked. Didn’t know about the “-A” option for new.

  • lurch (he/him)
    link
    fedilink
    -29 months ago

    this is a lot of text, but the important part, an error message, is missing.