Support proxy connection with SSH Tunnel through bastion server

[cyberduck]

95d3de5 created the issue

Coming from Windows, I used WinSCP for my SFTP transfers. One of the features I miss in Cyberduck is the ability to connect to SFTP though another machine via SSH.

For example, I have a gateway that machine with an SSH server. When I connect to that server via SSH, I can then connect to another machine (inside the network) via SSH.

So having the ability to tunnel through one SSH server to another SSH server for SFTP transfers would be great. Right now, I have to log into the gateway, map a local port to the final machine, and use Cyberduck to connect to localhost:22 after the connection to the gateway has been made.

This would be a wonderful feature and a HUGE help to me and others in similar situations.

---

Attachments

• Without SSH_Tunnel.png (32.9 KiB)
• cyberducktunnelerror.png (96.7 KiB)

[cyberduck]

5327009 commented

I just would like to second this feature request. We also have to access all our files through a gateway machine. It would be very helpful if one could do this via Cyberduck, without extra work.

[cyberduck]

ff038db commented

I would like to third this request. I have the following setup in my ~/.ssh/config file:

Host gateway
  Hostname gateway.mydomain.com

Host server1
  HostName	server1.mydomain.com
  ProxyCommand	ssh gateway netcat %h %p 

This works perfectly for ssh and scp in the Terminal, but not with Cyberduck. Would there be a way for Cyberduck to use that information?

[cyberduck]

4f2c907 commented

this would be very useful for me too

[cyberduck]

ade52fa commented

Seconded this request as well, it'd be hugely useful.

[cyberduck]

65121d1 commented

I have to also ask for this. This is a common corporate strategy and we are stuck dealing with it in strange ways.

[cyberduck]

4acee99 commented

This would be a useful addition for those of us who host machines behind an SSH-enabled gateway host and prefer to avoid opening multiple ports for each machine behind that host.

SSHFS from MacFuse, SCP and regular SSH all support the ProxyCommand config directive.

Other tickets which touch on or duplicate this request are: #958, #2104, #3030.

[cyberduck]

cdcb698 commented

I would also love to see this feature. (I kind of just assumed Cyberduck would automatically support this, since everything else that I use that goes through ssh automatically does, and I banged my head on the wall for a while trying to figure out why it wasn't working.)

[cyberduck]

dbab61c commented

I concur with all in this thread. This would help out allot for thous of us whom would like to use Cyberduck with ssh "jumpbox" (ProxyCommand). I use something similar to @pablo.englebienne in my ~/.ssh/config file:

Host proxy_jumpbox
  DynamicForward 8080
  HostName jumpbox.ssh-access-to-outside.myprotecteddomain.com 

Host *.NOssh-access-to-outside.myprotecteddomain.com
  EscapeChar none
  StrictHostKeyChecking no
  ProxyCommand /usr/bin/nc  -x localhost:8080 %h %p

When I want to connect into any machine under *.NOssh-access-to-realworld.myprotecteddomain.com domain I first open a connection to the outside accessible jump host: $ssh proxy_jumpbox. Then all the subsequent connections to the boxs w/o access to the internets *.NOssh-access-to-realworld.myprotecteddomain.com get tunneled via the DynamicForward+(ProxyCommand/nc) proxy_jumpbox.

Support for functionality like this would be awesome. +bump

[cyberduck]

f8fbd13 commented

Adding my name to the list of people who have requested this. I use SSH tunnel only on rare occasions, but when I need it, it's for a good reason.

Fugu http://rsug.itd.umich.edu/software/fugu/ can do this, but I like Cyberduck.

[cyberduck]

Gabrielradic commented

Many hosting providers, especially for dedicated boxes, would provide a free space server to an (S)FTP. The catch is that the server would only work from inside that specific network. Some hosters providing this system are Hetzner, Dedibox and OVH, all huge.

Having a tunnel option for any (S)FTP connection would allow managing the backup space without much hassle.

[cyberduck]

e1630ff commented

this would be very useful for me, too.

[cyberduck]

07b56f4 commented

dkocher:

Can I ask you why you changed this back? Do you have any plans on developing this, or? I thought it was ok, since this is quite old. I'm also open to come collaboration.

/DSDeniso

[cyberduck]

@dkocher commented

Replying to [comment:16 DSDeniso]:

dkocher:

Can I ask you why you changed this back? Do you have any plans on developing this, or? I thought it was ok, since this is quite old. I'm also open to come collaboration.

I would certainly welcome code contributions which would allow it to schedule for a milestone.

[cyberduck]

07b56f4 commented

Replying to [comment:17 dkocher]:

Replying to [comment:16 DSDeniso]:

dkocher:

Can I ask you why you changed this back? Do you have any plans on developing this, or? I thought it was ok, since this is quite old. I'm also open to come collaboration.

I would certainly welcome code contributions which would allow it to schedule for a milestone.

I'm sorry. I don't think that I understand your message. Will you please try to explain in a bit more in depth? My formatting also looks wrong, so I'm maybe also missing some part of your comment.

Thanks,
/DSDeniso

[cyberduck]

4728f41 commented

+1