Skip to Content
Useful ThingsSSH Bastion

This file’s a reference for myself for SSH config.

I must use OpenVPN for certain projects, but I want split tunneling on MacOS. The route and route-nopull config can work for some cases, but doesn’t work for hostnames with a dynamic IP. I need DNS to work.

I run an HTTP proxy in a Docker container along with an openssh server. It’s based on this project: https://github.com/jonohill/docker-openvpn-proxy

I can either route traffic via the HTTP proxy, using SSH tunnels, or using corkscrew for SSH tunnelling via HTTP proxy.

# 1Password
Host *
  IdentityAgent "~/Library/Group Containers/blablabla.com.1password/t/agent.sock"

################# LOCAL VPN PROXY ###################
Host vpn-bastion
  HostName 127.0.0.1
  Port 2222
  User root
  PubkeyAuthentication no

################# Some Bastion ###################### 
Host project-staging-bastion
  HostName 123.123.123.123
  Port 22
  User ubuntu
  IdentityFile ~/.ssh/project-staging.pub
  IdentitiesOnly yes
  ProxyCommand /opt/homebrew/bin/corkscrew localhost 8080 %h %p
Obsidian Action ItemsVSCode Extensions