ssh jump host without nc (netcat)

[UPDATE 23. Jun 2019]

I just realized... starting from OpenSSH 7.3, it is even easier by using ProxyJump...

Host server1 10.0.1.1

        Hostname 10.0.1.1
        ProxyJump user1@jumphost1.example.org:22,user2@jumphost2.example.org:2222

... or using -J

ssh -J user1@jumphost1.example.org:22 10.0.1.1

See Proxies and Jump Hosts

[/UPDATE]

[UPDATE 06. May 2016]

Carlos Lopes Pereira pointed me to the article SSH Agent Forwarding Is a Bug by @neerolyte. I also think this is a valid point, so I removed the agent forwarding flags.

[/UPDATE]

Sometimes it makes sense to use SSH jump hosts to reach hosts in a DMZ. To avoid connecting to those jump hosts manually and then starting another SSH connection from the jump host, we use ProxyCommand, defined in ssh_config.

Historically, we have been using nc on the jump host to forward the connection to the target host.

Host server1 10.0.1.1

        Hostname 10.0.1.1
        ProxyCommand ssh -q -x IP_OF_JUMP_HOST 'nc %h 22'

Unfortunately, this causes a large number of orphaned nc processes on the jump host. It is possible to get rid of those leftovers by using nc -w 1 %h 22.

But why use nc? Why install another piece of software on the SSH jump hosts? ssh can do this on its own, using ssh -W %h:22.

-W host:port

        Requests that standard input and output on the client be forwarded
        to host on port over the secure channel.  Implies -N, -T,
        ExitOnForwardFailure and ClearAllForwardings and works with Protocol
        version 2 only.

Changing the ssh_config:

Host server1 10.0.1.1

        Hostname 10.0.1.1
        ProxyCommand ssh -q -x IP_OF_JUMP_HOST -W %h:22
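
To apply the same change across a larger ssh_config, the following added example (not part of the original post) rewrites nc-based ProxyCommand lines to the -W form and drops a standalone -A agent forwarding flag. The function names and the sample configuration are constructed for illustration; only a trailing `nc [-w N] HOST PORT` remote command and a separate `-A` token are handled.

```python
import re

# Constructed sample ssh_config; host names and addresses are placeholders.
SAMPLE_CONFIG = """\
Host server1 10.0.1.1
        Hostname 10.0.1.1
        ProxyCommand ssh -q -x -A IP_OF_JUMP_HOST 'nc %h 22'

Host server2 10.0.1.2
        Hostname 10.0.1.2
        ProxyCommand ssh -q -x IP_OF_JUMP_HOST -W %h:22
"""

# Trailing remote command "nc [-w N] HOST PORT", quoted or unquoted.
NC_TAIL = re.compile(
    r"""\s+(['"]?)(?:nc|netcat)\s+(?:-w\s+\d+\s+)?(\S+)\s+(\d+|%p)\1\s*$""")
# Standalone agent forwarding flag (bundled forms such as -qA are not handled).
AGENT_FLAG = re.compile(r"\s-A(?=\s)")


def harden_proxycommand(value):
    """Return (new_value, notes) for the value of one ProxyCommand line."""
    notes = []
    value, n = AGENT_FLAG.subn("", value)
    if n:
        notes.append("removed -A (agent forwarding)")
    value, n = NC_TAIL.subn(r" -W \2:\3", value)
    if n:
        notes.append("replaced nc with -W")
    return value, notes


def harden_config(text):
    """Rewrite ProxyCommand lines; return (new_text, [(line, host, note)])."""
    out, findings, host = [], [], None
    for lineno, line in enumerate(text.splitlines(), 1):
        m = re.match(r"^(\s*)(\w+)[\s=]+(.*)$", line)
        if m and m.group(2).lower() == "host":
            host = m.group(3).split()[0]
        elif m and m.group(2).lower() == "proxycommand":
            new, notes = harden_proxycommand(m.group(3))
            if notes:  # leave lines that are already fine untouched
                findings += [(lineno, host, note) for note in notes]
                line = f"{m.group(1)}ProxyCommand {new}"
        out.append(line)
    return "\n".join(out) + "\n", findings


if __name__ == "__main__":
    print(harden_config(SAMPLE_CONFIG)[0])
```

Review the rewritten file before replacing the original, since ProxyCommand values that do not end in the nc invocation are left unchanged.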