Suppose you have a production server that you want to visit via SSH, however, it is not accessible directly. Instead, you have to visit it from a bastion/proxy server. You can configure SSH to use the bastion/proxy server when visiting the production server.
Host <production_server>
ProxyCommand ssh <proxy_server> -W %h:%p
Host *
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no
# make connection alive
ServerAliveInterval 90
ServerAliveCountMax 3
Wildcards and NOT operators are supported.
Host *.xxx.xxx.com !*.exclude.com
ProxyCommand ssh proxy_server_address -W %h:%p
Host *
Notice that you can also specify the proxy to use directly
via the option -o ProxyCommand="ssh proxy_server -W %h:%p"
.
For example,
ssh -o ProxyCommand="ssh proxy_server -W %h:%p" target_server