I do this to access work machines from home. The only problem with the technique is that some organizations and malware detection software consider netcat to be a "hacking" tool and remove it. This is particularly common on Windows servers.<p>Newer OpenSSH has a netcat mode built-in <a href="http://blog.rootshell.be/2010/03/08/openssh-new-feature-netcat-mode/" rel="nofollow">http://blog.rootshell.be/2010/03/08/openssh-new-feature-netc...</a>
Non listed stuff (its funny that the ssh "supertrick" comes up every week on HN, i guess i should copy past this post):<p>* the other advantage is "not forwarding the agent" which is more secure<p>* using control socket can be annoying because of the way it closes / is opened in certain conditions<p>* ssh -W saves a nc command<p>* the % hack does not work in all conditions, only for simple constructs<p>It would be nice to have this stuff just work native in SSH to avoid all the issues, and more reliable control socket release.<p>i've been using a script adding the entries to .ssh/config for many years and enable control socket manually when i know i want it, but all this is quite cumbersome, even if its still better and less annoying than ssh -A.
There is a hack that you can put in your ssh config file to be able to write ssh gateway%host and have it transparently perfom the hop. See <a href="http://news.ycombinator.com/item?id=3545370" rel="nofollow">http://news.ycombinator.com/item?id=3545370</a>
I wrote a tool to do proxy based host chaining a last year. It has support for some more complicated things such as different usernames and/or ports per host. It will also autodetect whether ssh -W works ane fall back to remote netcat if not.<p><a href="https://github.com/ryancdotorg/ssh-chain" rel="nofollow">https://github.com/ryancdotorg/ssh-chain</a>
I use bash functions with ssh -t because, for some reason, on OSX, the ProxyCommand doesn't properly do pubkey authentication for me. Even when I explicitly set ForwardAgent or -A. :/