SSH jumping from Linux to RouterOS to Linux

olivier2831 · September 14, 2024, 12:48pm

Hello,
I’m looking for a way to log into a remote Linux, from a local Linux host passing through a RouterOS (6.49) without editing any DNAT rule.

Originating Linux host is called hostA
Relaying RouterOS is called hostB
Destination Linux host is called hostC.

I copied userA SSH key on both hostB and hostC.

I’m typing as userA on hostA, the command bellow:
ssh -J userB@hostB userC@hostC

I was expecting to access userC 's shell on hostC but nothing appears on my hostA console.

My question are:

Does it have a chance to work (I use this daily when hostB is a Linux host) ?
Is it possible to generate a private key, public key for a given user on RouterOS (as I’ve seen a way to import public or private keys but I’not seen anything to generate SSH keys) ?

Best regards

patrikg · September 14, 2024, 7:00pm

optio · September 15, 2024, 12:05pm

yes, for host jump from remote client you need to enable ssh forwarding, set to remote or both, see https://wiki.mikrotik.com/wiki/Manual:IP/SSH
no, generate keys elsewhere and import to ROS[/list]

olivier2831 · September 15, 2024, 2:51pm

Thanks: this is what I was after.