Message from @Goz3rr
Discord ID: 528561246652334081
unlike http
but amazon does it on AWS
yeah but they probably do it on a DNS level then
on amazon, you can ssh using the hostname, but not using the IP, because other containers have the same IP
right that could be
so instead, the better way would probably be to let ssh run on a different port on every vm, and then just use ssh forwarding
ssh host:2201 => vm 1
ssh host:2202 => vm 2 etc etc
@Tervy Can I permanently activate that and use group policy?
maybe look at SRV records?
Let me look that up
@timsandtoms not 100% sure so i wont give you "yes" answer to that
No worries. I'm just trying to avoid that hour long trawl through the MDL forums that I always end up doing, I'll suck it up and stop being lazy.
@Goz3rr from what I understand, for using a srv record, the service would need to be discoverable already
which isn't if my IP is internal
I never used AWS so I'm not familiar with what they do, but on azure they just open up different ports
reading what AWS does now
I can't set 10.10.10.1 as a target
but it looks like they use a ssh server on the host as a proxy
oh I tried to find that out, too
you can uh
that redirects based on key
because the protocol doesn't actually send the hostname
the key thing is a good idea though
the first paragraph here
that looks like what I want to do
I'll try that out
if it works I can make a nice script to deploy the keys and it's good to go
then there is always the overkill "traefik" setup
yes but that's also just http
alternatively most ssh clients support jumphosts
so you ssh in to your host, and then it runs the ssh command to ssh into the instance you want
jumphosts are what I am using now but I spend a few hours / week explaining people how to use jumphosts
really ? i always thought traefik can do almost anyhting on packets you want
ah
cant you specify what port goes to what port on vm on traefik ?
yes but only for http services
should that just clear your headache with ssh etc
```@tbouvet as mentioned in the README, Traefik is an http (only) reverse proxy, then the answer is no. We want to add TCP support in the future, you can follow this issue #10.```