Serge van Ginderachter

As announced in February new versions of the Linux training courses were being (re-)written by Paul.

I’m pleased to announce that v2 was merged in the master branch on github.

I you want to test it or just check it out:


git clone git://github.com/linuxtraining/lt.git
cd lt
git submodule init
git submodule update
./make.sh
./make.sh build fundamentals


Feedback is welcome, by mail at contributors@linux-training.be or via a github issue.

If you prefer to just download the latest books in PDF format, check out the download page. These are nightly builds from the master branch.

Some recent changes.

I updated the make script to be a little more decent. (A little less clumsy actually.)

The LT project contained until now both the linux-training books, but also “Datacommunicatie en Netwerken” (in short, Datanet) which is a Dutch introductory course  about data communication and basic networking. We split both projects into two separate repositories: next to https://github.com/linuxtraining/lt you can also now check out https://github.com/linuxtraining/datanet.

For now the changes are not in the master branch yet, but those will be merged in the coming days.

Patrick Debois‘ article on Chaining SSH tunnels inspired me to effectively start using this technique.

At first my use case was pretty simple. It wasn’t the host I needed to connect to which behind a firewall, but, as it turned out, I was.

I’ve got a box at home listening on a high port, as my provider is blocking the low <1024 ports, Which is a problem when I'm on a network which only allows outbound SSH connections on port 22. It's easy to hop around by first connecting to another server on regular port 22, but automating that with Patrick's proxycommand-plus-netcat trick proved to be handy in this situation, too.

I could easily add an entry to .ssh/config to manage this specific situation.

Now, the typical firewalled networks I need to use, I often work on them either by being on its premises, or remotely. When I need to connect remotely, especially for a longer period, I can often use a dedicated VPN for that, but very often I just want quickly check something on one host, and entering the network not by launching a full-blown VPN stack, but hopping through a SSH gateway, tends to be the preferred solution.

Normally, you then need separate .ssh/config entries for each host. And then you need a separate .ssh/config entry for each host using a specific ProxyCommand.

But this doesn’t scale well. One would need to manage redundant information. I don’t want to configure .ssh/config entries for each server separately to be reached from within its own LAN and remotely through SSH hopping.

I didn’t find a way to handle this with a config in .ssh/config only, but adding following little (Bash) function to my environment lets me use an extra ssh command which lets me use the same .ssh/config entries for both situations:

ssh-via () { proxy=$1 ; shift ; ssh -o Proxycommand="ssh $proxy nc %h %p" $* ; }

Just use ssh-via instead of plain ssh, and let the first parameter be the name of the .ssh/config entry for the gateway you need to use.

The Linux Training web site was updated earlier this week – Linux Training is Paul Cobbaut‘s training book project.

No fancy new flash website, just some simple pages, with some links to the git repository with the Docbook source code, the download page and some more stuff. I should add a short introduction about how to download the source and ‘compile’ a pdf.

From now on you also can download the latest version of the books, which are rebuild nightly after an updated was pushed. There’s also an online HTML version of the Fundamentals course for you to browse.

Paul kindly publishes his book under the Gnu Free Documentation license, which leanse you can freely download the books and update them. Don’t forget to send us the patches to your updates!

Thanks Paul!