On Wed, Feb 19, 2020 at 12:06:21PM -0800, 'Eric Hymowitz' via Ansible Project
wrote:
> So I've got a host that I need to jump through two bastion hosts to get to:
>
> Ansible -----> bastion_1 -----> bastion_2 -----> target
>
> I can use ansible to get to bastion_2 by setting up a hostvar:
>
> ansible_ssh_common_args: -o "ProxyCommand=ssh -q -W %h:%p
> {{local_user_account}}@bastion_1"
>
> ...and that works correctly.
>
> I tried setting up a similar hostvar for target:
>
> ansible_ssh_common_args: -o "ProxyCommand=ssh -q -W %h:%p
> {{local_user_account}}@bastion_2"
>
> ...but that doesn't work, because ansible is trying to ssh directly to
> bastion_2 and not caring about the hostvar set up to access bastion_2.
There is nothing stopping you from adding -o ProxyCommand in the ssh inside
the ProxyCommand.
So something like this might work
ansible_ssh_common_args: -o "ProxyCommand=ssh -o 'ProxyCommand=ssh -q -W %h:%p
user@bastion_1' -q -W %h:%p user@bastion_2"
You may need to play around with the single and double quotes and escaping some
of them.
--
Kai Stian Olstad
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200221233153.h3o4mkc3jr4i7nl4%40olstad.com.
