SSH proxy jump

From XPUB & Lens-Based wiki
Revision as of 20:12, 15 October 2024 by C3 (talk | contribs)
Manetta proxy jump.jpg


As the collective sandbox servers are hosted from the school, they use a hidden VPN network to connect to the internet, famously known as the HUB.

To be able to SSH to a sandbox server from outside of the school, you can use a SSH proxy jump.

The SSH proxy jump will make a connection to the sandbox through XPUB's XVM server.

Using a SSH proxy jump to access a sandbox server

Download the jump key files from Zulip and save them to the ~/.ssh/ on your laptop (not on the sandbox!):

jump
jump.pub

Copy the following config file, change the USERNAME to your username, and save it to ~/.ssh/config on your laptop:

Host xvm_jump
User jump
Hostname 194.61.65.6
Port 2501
Identityfile ~/.ssh/jump

Host NAMEOFSANDBOX
Hostname 10.0.0.XXX
User USERNAME
ProxyJump xvm_jump
Identityfile ~/.ssh/id_ed25519

Now, you should be able to ssh to the sandbox, both from the school and outside the school, with this command:

$ ssh NAMEOFSANDBOX


Claudio's notes (⚠ ⚠ to edit)

When you connect to the sandbox you normally type this in the terminal :


ssh + *yourusername + *sandbox's id address


Inside of the school, this works, you're connecting to the sandbox under the same network, but how does it work from home or from outside of the school's walls in general?

If you're somewhere else you'll have to connect to the XVM (XpubVirtualMachine) server, which is a public server from the school that hosts all the sandboxes (and other things like ...).

The XVM is somewhere, but definitely not in the building. Inside the XVM, you'll log into a public user called "jump" (*representation of jump 🕵), jump is part of a super secret connection that is not accessible to the broader "public", through this connection (VPN)

See also