SSH Jump Server

If the server is accessible via proxy.goyun.info then you can access other servers behind the same NAT boundary via -J command line flag, i.e. on the client:

$ ssh -J proxy.goyun.info 10.8.8.8

you can update your client’s SSH configuration in ~/.ssh/config with the following:

Host 10.8.8.*

    ProxyJump proxy.goyun.info

An example Jump user without other privileges:

Match User jumpuser PermitTTY no X11Forwarding no PermitTunnel no GatewayPorts no ForceCommand /usr/sbin/nologin

User client file:

client SSH configuration with:

Host 10.8.8.*
    ProxyJump jumpuser@proxy.goyun.info