Added details about securing the bastion itself.

2017-10-10 16:31:38 -05:00 · 2017-10-10 16:31:38 -05:00 · 9ac0b6283f
commit 9ac0b6283f
parent dca6bf1757
1 changed files with 8 additions and 0 deletions
--- a/README.rst
+++ b/README.rst
@ -93,6 +93,14 @@ For example:

  | ssh -o ProxyCommand="ssh -W %h:%p 10.99.157.129" ubuntu@10.0.0.13

+Or (for OpenSSH 7.3 and later):
+
+  | ssh -o ProxyJump="10.99.157.129" ubuntu@10.0.0.13
+
+Note that one of the user SSH certificate's principals must be mapped to an account on the bastion (or the bastion will reject the SSH connection). Tatu configures the bastion (e.g. on Ubuntu 16.04) AuthorizedPrincipalFile with a single file named 'nobody' which contains the names of all principals. This allows the SSH client to use the bastion as a jump host but not to login there; this secures the bastion itself. The ssh command is therefore:
+
+  | ssh -o ProxyJump="nobody@10.99.157.129" ubuntu@10.0.0.13
+
 Future Work
 -----------