mac\u3067ssh\u306e\u30dd\u30fc\u30c8\u30d5\u30a9\u30fc\u30ef\u30fc\u30c9\u3092\u6709\u52b9\u306b\u3057\u305f\u3068\u304d\u306e\u30e1\u30e2\u3067\u3059\u3002<\/p>\n
\u4eca\u56de\u306e\u4f8b\u3067\u306f\u4e0b\u8a18\u306e\u30b5\u30fc\u30d0\u304c\u5b58\u5728\u3059\u308b\u3082\u306e\u3068\u3057\u307e\u3059\u3002<\/p>\n
\u8e0f\u307f\u53f0\u30b5\u30fc\u30d0: (bastion)<\/p>\n
\u63a5\u7d9a\u5148\u30b5\u30fc\u30d0: (web)<\/p>\n
\u30bf\u30fc\u30df\u30ca\u30eb\u3092\u4e00\u3064\u958b\u304d\u3001\u4e0b\u8a18\u306e\u30b3\u30de\u30f3\u30c9\u3067\u8e0f\u307f\u53f0\u30b5\u30fc\u30d0\u306b\u63a5\u7d9a\u3059\u308b\u3002\u3053\u3053\u3067-L\u3067\u6307\u5b9a\u3057\u305f \u4ee5\u4e0b\u306e\u3088\u3046\u306b\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u308b\u306e\u3067\u3001\u3053\u306e\u307e\u307e\u653e\u7f6e\u3057\u307e\u3059<\/p>\n web\u30b5\u30fc\u30d0\u306b\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u305f\u3081\u306b\u306f\u3001\u5225\u306e\u30bf\u30fc\u30df\u30ca\u30eb\u3092\u958b\u304d\u4e0b\u8a18\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002<\/p>\n \u521d\u3081\u3066\u63a5\u7d9a\u3059\u308b\u3068\u304d\u306f\u3001\u78ba\u8a8d\u304c\u51fa\u308b\u306e\u3067 \u305d\u306e\u5f8c\u3001web\u30b5\u30fc\u30d0\u306b\u76f4\u63a5\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u307e\u3059\u3002<\/p>\n \u6bce\u56de\u30dd\u30fc\u30c8\u30d5\u30a9\u30ef\u30fc\u30c9\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3057\u305f\u304f\u306a\u3044\u5834\u5408\u306f\u3001 \u3053\u308c\u3067\u3001 \u3053\u308c\u307e\u3067ssh\u30b3\u30de\u30f3\u30c9\u3067 mac\u3067ssh\u306e\u30dd\u30fc\u30c8\u30d5\u30a9\u30fc\u30ef\u30fc\u30c9\u3092\u6709\u52b9\u306b\u3057\u305f\u3068\u304d\u306e\u30e1\u30e2\u3067\u3059\u3002 \u8a2d\u5b9a \u4eca\u56de\u306e\u4f8b\u3067\u306f\u4e0b\u8a18\u306e\u30b5\u30fc\u30d0\u304c\u5b58\u5728\u3059\u308b\u3082\u306e\u3068\u3057\u307e\u3059\u3002 \u8e0f\u307f\u53f0\u30b5\u30fc\u30d0: (bastion) global IP: 52.0.0.1 private IP: […]<\/p>\n","protected":false},"author":1,"featured_media":784,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[37],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/akamist.com\/blog\/wp-content\/uploads\/2017\/09\/icon_ssh.png","jetpack-related-posts":[{"id":3284,"url":"https:\/\/akamist.com\/blog\/archives\/3284","url_meta":{"origin":4434,"position":0},"title":"ssh\u30b3\u30de\u30f3\u30c9\u3067\u30ed\u30b0\u30a4\u30f3\u6642\u3001'-i'\u30aa\u30d7\u30b7\u30e7\u30f3\u3067\u306e\u30ad\u30fc\u30d5\u30a1\u30a4\u30eb\u6307\u5b9a\u3092\u7701\u7565\u3059\u308b(ssh_config)","date":"2018\u5e7411\u67084\u65e5","format":false,"excerpt":"ssh\u30b3\u30de\u30f3\u30c9\u3067\u306f\u3001\u30ad\u30fc\u30d5\u30a1\u30a4\u30eb\u306e\u30c7\u30d5\u30a9\u30eb\u30c8\u306f`~\/.ssh\/id_rsa`\u3068\u306a\u3063\u3066\u304a\u308a\u3001\u30c7\u30d5\u30a9\u30eb\u30c8\u2026","rel":"","context":"\u30af\u30e9\u30a6\u30c9","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/akamist.com\/blog\/wp-content\/uploads\/2017\/09\/icon_ssh.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":3583,"url":"https:\/\/akamist.com\/blog\/archives\/3583","url_meta":{"origin":4434,"position":1},"title":"circleci\u30b3\u30de\u30f3\u30c9\u306elocal\u5b9f\u884c\u3067ssh\u30ad\u30fc\u3092\u30b3\u30f3\u30c6\u30ca\u306b\u6e21\u3059","date":"2019\u5e743\u670817\u65e5","format":false,"excerpt":"CircleCI\u3067\u306fcircleci\u30b3\u30de\u30f3\u30c9\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u3053\u3068\u3067\u3001\u30ed\u30fc\u30ab\u30eb\u306ePC\u304b\u3089`.circ\u2026","rel":"","context":"CircleCI","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1201,"url":"https:\/\/akamist.com\/blog\/archives\/1201","url_meta":{"origin":4434,"position":2},"title":"[Vagrant]vagrant up\u3067\u69cb\u7bc9\u3057\u305fVM\u3078TeraTerm,putty\u306a\u3069\u304b\u3089SSH\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u65b9\u6cd5","date":"2017\u5e7411\u670823\u65e5","format":false,"excerpt":"Vagrant\u3067vagrant up\u30b3\u30de\u30f3\u30c9\u3067Linux\u306eVM\u3092\u4f5c\u6210\u3057\u305f\u3068\u304d\u3001\u901a\u5e38\u306f`vagrant\u2026","rel":"","context":"Vagrant","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/akamist.com\/blog\/wp-content\/uploads\/2017\/10\/icon_vagrant.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":483,"url":"https:\/\/akamist.com\/blog\/archives\/483","url_meta":{"origin":4434,"position":3},"title":"aws-cli\u3092\u4f7f\u3063\u3066\u5168Web\u30b5\u30fc\u30d0\u306b\u540c\u3058\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b","date":"2017\u5e748\u670824\u65e5","format":false,"excerpt":"\u4eca\u56de\u306f\u3001AWS\u306ecli\u30e6\u30fc\u30c6\u30a3\u30ea\u30c6\u30a3\u3092\u4f7f\u7528\u3057\u3066\u3001\u8907\u6570\u306eec2\u30b5\u30fc\u30d0\u306b\u5bfe\u3057\u3066\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002\u4f8b\u3068\u2026","rel":"","context":"\u672a\u5206\u985e","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/akamist.com\/blog\/wp-content\/uploads\/2017\/08\/180821_4.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":3338,"url":"https:\/\/akamist.com\/blog\/archives\/3338","url_meta":{"origin":4434,"position":4},"title":"[PHP]Deployer\u3067\u30c7\u30d7\u30ed\u30a4\u6642\u306bSSH\u30ad\u30fc\u30d5\u30a1\u30a4\u30eb\u540d\u3092\u6307\u5b9a\u3059\u308b\u65b9\u6cd5","date":"2018\u5e7411\u670818\u65e5","format":false,"excerpt":"PHP\u306e\u30c7\u30d7\u30ed\u30a4\u30c4\u30fc\u30eb\u3067\u3042\u308bDeployer\u3067\u3001\u30bf\u30fc\u30b2\u30c3\u30c8\u306e\u30b5\u30fc\u30d0\u3078SSH\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u3068\u304d\u306eSSH\u30ad\u2026","rel":"","context":"Deployer","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/akamist.com\/blog\/wp-content\/uploads\/2018\/04\/icon_deployer.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":3324,"url":"https:\/\/akamist.com\/blog\/archives\/3324","url_meta":{"origin":4434,"position":5},"title":"[PHP,Deployer,CircleCI]\u30b5\u30fc\u30d0\u306b\u30c7\u30d7\u30ed\u30a4\u6642\u306b\u30a8\u30e9\u30fc\"The authenticity of host xx can't be established.\"\u304c\u51fa\u308b\u6642","date":"2018\u5e7411\u670817\u65e5","format":false,"excerpt":"CircleCI\u3067PHP\u306e\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u3092Deployer\u3092\u4f7f\u7528\u3057\u3066\u30c7\u30d7\u30ed\u30a4\u30e1\u30f3\u30c8\u3057\u3088\u3046\u3068\u3059\u308b\u3068\u3001\u4e0b\u8a18\u2026","rel":"","context":"CircleCI","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/akamist.com\/blog\/wp-content\/uploads\/2018\/04\/icon_deployer.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/posts\/4434"}],"collection":[{"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/comments?post=4434"}],"version-history":[{"count":4,"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/posts\/4434\/revisions"}],"predecessor-version":[{"id":4438,"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/posts\/4434\/revisions\/4438"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/media\/784"}],"wp:attachment":[{"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/media?parent=4434"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/categories?post=4434"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/akamist.com\/blog\/wp-json\/wp\/v2\/tags?post=4434"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}10.0.0.1:22<\/code>\u306f\u8e0f\u307f\u53f0\u30b5\u30fc\u30d0\u306eIP\u3068\u30dd\u30fc\u30c8\u3092\u610f\u5473\u3057\u300110022\u306f\u30ed\u30fc\u30ab\u30eb\u3067\u30d5\u30a9\u30ef\u30fc\u30c9\u3059\u308b\u30dd\u30fc\u30c8\u756a\u53f7\u3067\u3059\u3002<\/p>\nssh -L 10022:10.0.0.2:22 -i ~\/.ssh\/bastion-keyfile.pem ec2-user@52.0.0.2\n<\/code><\/pre>\nLast login: Mon May 3 13:16:07 2021 from example.com\n\n __| __|_ )\n _| ( \/ Amazon Linux 2 AMI\n ___|\\___|___|\n\nhttps:\/\/aws.amazon.com\/amazon-linux-2\/\n[ec2-user@ip-10-0-0-1 ~]$\n<\/code><\/pre>\nssh -i web-keyfile.pem ec2-user@localhost -p 10022\n<\/code><\/pre>\nyes<\/code>\u306b\u3057\u307e\u3059\u3002<\/p>\nThe authenticity of host '[localhost]:10022 ([::1]:10022)' can't be established.\nECDSA key fingerprint is SHA256:xxx.\nAre you sure you want to continue connecting (yes\/no\/[fingerprint])? yes\n<\/code><\/pre>\nWarning: Permanently added '[localhost]:10022' (ECDSA) to the list of known hosts.\nLast login: Sun May 2 10:54:54 2021 from example.com\n\n __| __|_ )\n _| ( \/ Amazon Linux 2 AMI\n ___|\\___|___|\n\n[ec2-user@ip-10-0-0-2 ~]$\n<\/code><\/pre>\n.ssh\/config\u306b\u8a2d\u5b9a\u3092\u66f8\u304f<\/h2>\n
~\/.ssh\/config<\/code>\u306b\u4e0b\u8a18\u306e\u8a2d\u5b9a\u3092\u3057\u3066\u304a\u304f\u3068\u826f\u3044\u3067\u3059<\/p>\nHost bastion\n User ec2-user\n Hostname 52.0.0.1\n IdentityFile ~\/.ssh\/bastion-keyfile.pem\n Port 22\n\nHost web\n User ec2-user\n Hostname 10.0.0.2\n IdentityFile ~\/.ssh\/web-keyfile.pem\n Port 22\n ProxyCommand ssh -CW %h:%p bastion\n<\/code><\/pre>\nssh bastion<\/code>\u3068\u6253\u3064\u3060\u3051\u3067\u8e0f\u307f\u53f0\u30b5\u30fc\u30d0\u7d4c\u7531\u3067web\u30b5\u30fc\u30d0\u306b\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u307e\u3059\u3002<\/p>\nssh\u30b3\u30de\u30f3\u30c9\u306e
-L<\/code>, -C<\/code>, -W<\/code>\u30aa\u30d7\u30b7\u30e7\u30f3\u306e\u610f\u5473<\/h2>\n-L<\/code>, -C<\/code>, -W<\/code>\u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u4f7f\u7528\u3057\u307e\u3057\u305f\u304c\u3001\u305d\u308c\u305e\u308c\u4e0b\u8a18\u306e\u610f\u5473\u3067\u3059\u3002
\n-L \u30d5\u30a9\u30fc\u30ef\u30fc\u30c9\u3059\u308b
\n-C \u901a\u4fe1\u5185\u5bb9\u3092gzip\u3067\u5727\u7e2e\u3057\u3066\u901a\u4fe1\u91cf\u3092\u7bc0\u7d04\u3059\u308b
\n-W \u30db\u30b9\u30c8\u306b\u30d5\u30a9\u30ef\u30fc\u3068\u3055\u308c\u308b\u6a19\u6e96\u5165\u51fa\u529b\u3092\u30bb\u30ad\u30e5\u30a2\u306a\u30c1\u30e3\u30cd\u30eb\u3067\u3084\u308a\u53d6\u308a\u3059\u308b<\/p>\n-L [bind_address:]port:host:hostport\n-L [bind_address:]port:remote_socket\n-L local_socket:host:hostport\n-L local_socket:remote_socket\n\nSpecifies that connections to the given TCP port or Unix socket on the local (client) host are to be for-\nwarded to the given host and port, or Unix socket, on the remote side. This works by allocating a socket\nto listen to either a TCP port on the local side, optionally bound to the specified bind_address, or to a\nUnix socket. Whenever a connection is made to the local port or socket, the connection is forwarded over\nthe secure channel, and a connection is made to either host port hostport, or the Unix socket\nremote_socket, from the remote machine.\n<\/code><\/pre>\n-C \n\nRequests compression of all data (including stdin, stdout, stderr, and data for forwarded X11, TCP and\nUNIX-domain connections). The compression algorithm is the same used by gzip(1), and the ``level'' can be\ncontrolled by the CompressionLevel option for protocol version 1. Compression is desirable on modem lines\nand other slow connections, but will only slow down things on fast networks. The default value can be set\non a host-by-host basis in the configuration files; see the Compression option.\n<\/code><\/pre>\n-W host:port\n\nRequests that standard input and output on the client be forwarded to host on port over the secure channel.\nImplies -N, -T, ExitOnForwardFailure and ClearAllForwardings, though these can be overridden in the config-\nuration file or using -o command line options.\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"