They’re not. Either of them.
Unicorns live in the land of make believe, with leprechauns, fairies, and knowledgeable phone support techs.
Recently, I had the occasion for one. An SSH proxy, not a unicorn. Keep up. Short story, started using a VPN. Random IPs are not awesome for setting up in a firewall. But I *do* have a virtual server somewhere. Its IP is not random, and never changes.
“I bet I can use it for a proxy” says I. So I go looking. Examples of how to do SSH tunnels abound. That’s not quite what I had in mind. See, you have to set up a tunnel all the time, in order to use it. That’s *way* too much work. Plus remembering that “ssh -p 2222 localhost” is server X, and “ssh -p 2223 localhost” is server Y is a giant pain in the hole.
“There must be a better way” thought I. And there is. You can put a ProxyCommand into your ~/.ssh/config file.
This says “when I try to connect to any server that ends in .example.com, use my.virtualserver.com”
This command sets up a nc (read about it) process which just takes your input, and shoves it to the remote server. Everything works like you’d expect. Even your ssh-agent.
- Server you can SSH to with a fixed IP, ideally auth’d with keys
- nc installed on said server
What do the bits of the nc command do?
- -w 3600: Timeout in 3600s with no input
- %h: use this host (SSH fills that in)
- %p: use this port on that host (SSH fills that in)
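The stanza the post describes, assembled from the pieces it names (the .example.com pattern, my.virtualserver.com, and nc -w 3600 %h %p), as an added example rather than the author's original snippet. The commented-out alternatives using ssh -W and ProxyJump, and the proxy.example.com name in the exclusion note, are additions that assume a reasonably recent OpenSSH client.

```sshconfig
# ~/.ssh/config
# Added example; hostnames are the placeholders used in the post.

# Form described in the post: the fixed-IP server runs nc, which relays
# the byte stream to the real destination (%h) and port (%p).
Host *.example.com
    ProxyCommand ssh my.virtualserver.com nc -w 3600 %h %p

# Assumed alternative (not from the post): no nc needed on the proxy.
# -W asks the proxy's sshd to open the TCP connection itself
# (OpenSSH 5.4 or later on the client).
#Host *.example.com
#    ProxyCommand ssh -W %h:%p my.virtualserver.com

# Assumed alternative (not from the post): shorthand for the -W form
# (OpenSSH 7.3 or later on the client).
#Host *.example.com
#    ProxyJump my.virtualserver.com

# If the proxy's own name matched the pattern, ssh would try to proxy
# the proxy through itself. Exclude it with a negated pattern, e.g.
# (hypothetical name):
#Host *.example.com !proxy.example.com
#    ProxyCommand ssh proxy.example.com nc -w 3600 %h %p
```

In every form the SSH session to the destination is negotiated by your local client, so the destination's host key is checked locally and the proxy only relays ciphertext. That is why ssh-agent keeps working without ForwardAgent, and why the destination's firewall only needs to allow the proxy's fixed IP.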