Antoine Beauprétitle: learning how to do an ssh jump host on tpoYou need to use an ssh jump host to access internal machines at tpo.
If you have a recent enough ssh (>= 2016 or so), then you can use the ProxyJump directive. Else, use ProxyCommand.
ProxyCommand automatically executes the ssh command on the host to jump to the next host and forward all traffic through.
With recent ssh versions:
Host *.torproject.org !people.torproject.org
ProxyJump people.torproject.orgOr with old ssh versions (before OpenSSH 7.3, or Debian 10 "buster"):
Host *.torproject.org !people.torproject.org
ProxyCommand ssh -l %r -W %h:%p people.torproject.orgIf your local username is different from your TPO username, also set
it in your .ssh/config:
Host *.torproject.org
User USERNAMEIt is also worth keeping the known_hosts file in sync to avoid
server authentication warnings. The server's public keys are also
available in DNS. So add this to your .ssh/config:
Host *.torproject.org
UserKnownHostsFile ~/.ssh/known_hosts.torproject.org
VerifyHostKeyDNS askAnd keep the ~/.ssh/known_hosts.torproject.org file up to date by
regularly pulling it from a TPO host, so that new hosts are
automatically added, for example:
rsync -ctvLP perdulce.torproject.org:/etc/ssh/ssh_known_hosts ~/.ssh/known_hosts.torproject.org