
I have server A sitting in network A. Server A is able to connect to a bastion host in network B via ssh. This bastion host is able to reach any port on any server in network B.

From any server in network A, I would like to be able to do something like curl server-b or ssh server-c and have the traffic get routed through server A, through the bastion, into network B, and connect to server-b and server-c on the correct ports. It's ok if I have to specify the proxy in the command, i.e.: PROXY=server-a:8080 curl server-b etc. (or the port on server-b or server-c for that matter)

I cannot create a server in network B. All I have is the bastion access.

I'm guessing there are two parts to this that need to get set up on server A, a proxy server and an ssh tunnel.

For the proxy server I'm guessing I could use something like squid, and have it proxy to localhost on whatever port I'm using for the ssh tunnel.

But I'm not sure what to do for the ssh tunnel.

I would normally initiate the tunnel with something like:

ssh -L 8080:<X>:<Y> bastion

But X and Y are variables... I want to be able to reach any server in network B. So I need a sort of "generic" ssh tunnel, and I'm not sure that exists.

Bastion access requires 2FA also, so I can't dynamically create a new ssh tunnel each time I want to establish a connection from a server in network A to a server in network B.

(Yes, I have approval from the bosses to do this, that is not relevant here and shouldn't be mentioned)

cat pants

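A persistent SOCKS tunnel is one way to get the "generic" forward the post asks about: sshd on the bastion picks the destination per connection, so no X and Y need to be fixed in advance, and a multiplexed master session means the 2FA prompt is answered once. This is an added example, not part of the post; the Host alias "bastion", the address, the user, the ControlPath location and port 1080 are assumptions.

```sshconfig
# ~/.ssh/config on server A (added example; "bastion", its address, the user,
# the ControlPath and port 1080 are assumptions, not values from the post)
Host bastion
    HostName bastion.example.net        # assumed address of the bastion in network B
    User jump                           # assumed account on the bastion
    # One authenticated master session; later ssh invocations reuse its socket
    # instead of re-authenticating, so the 2FA prompt is answered only once.
    ControlMaster auto
    ControlPath ~/.ssh/ctl-%r@%h:%p
    ControlPersist yes
    # Notice a dead bastion instead of hanging forever on a stale master.
    ServerAliveInterval 30
    ServerAliveCountMax 3
    # sshd on the bastion acts as a SOCKS5 server for anything that connects to
    # this port on server A; the client names the destination host:port, which
    # is what makes the tunnel generic. Binding 0.0.0.0 lets other servers in
    # network A use it; bind 127.0.0.1 instead if only server A needs it.
    DynamicForward 0.0.0.0:1080

# Start the tunnel once on server A (the 2FA prompt appears here):
#   ssh -f -N bastion
# From any server in network A (socks5h resolves server-b on the bastion side,
# so network B hostnames need not resolve in network A):
#   curl --proxy socks5h://server-a:1080 http://server-b/
#   ssh -o ProxyCommand='nc -X 5 -x server-a:1080 %h %p' server-c
# Check or stop the master session:
#   ssh -O check bastion
#   ssh -O exit bastion
```

The SOCKS port carries no authentication of its own, so whoever can reach server-a:1080 can reach any port in network B through the bastion account; restrict access to that port with a host firewall on server A to the network A hosts that need it, and watch the bastion's sshd logs for the long-lived session.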