We have a bunch of websites on LXD containers behind Debian HAproxy container 1.7.5-2 (from backports). We were trying to made ssh work trough the reverse proxy but no way:
Code: Select all
frontend SSH_frontend
bind *:7822
mode tcp
default_backend SSH-backend
Code: Select all
backend SSH-backend
mode tcp
option tcplog
Code: Select all
acl 01-vps req.hdr(host) -i 01 domain.coop
acl 02-vps req.hdr(host) -i 02.vps domain2.coop
acl 03-vps req.hdr(host) -i 03.vps.domain3.coop
acl 04-vps ssl_fc_sni_reg 04.vps domain4.coop
use-server vps01 if 01-vps
use-server vps02 if 02-vps
use-server vps03 if 03-vps
use-server vps04 if 04-vps
Then we are trying for so long to figure out how to set up an SSH gateway or bastion in a transparent way, in a sense that would be easy for common users to connect via Filezilla to the server. We most have Gnu/Linux users then Putty is not an option
We configured an SSH gateway and we could connect to servers this way:
Code: Select all
ssh -tt -A -p 2222 user@gateway_ip ssh user@container_ip
Do you have any suggestions to accomplish that?