Use ~/.ssh/config with duplicati

I want to use duplicati against an ssh-backend which I can only reach over a second ssh jumphost.

With ssh - no problem. I configured the jumphost in my ~/.ssh/config - and it works like a charm.

But duplicati seems to ignore my ssh-config - and I can’t add any other ssh-config-params.

Can I make duplicati respect my config - or, alternatively, can I add manual ssh-params?

There doesn’t appear to be any ssh proxy settings in duplicati Storage Providers - Duplicati 2 User’s Manual

And duplicati does not use the local ssh config so it seems like this is a feature request dealing with jump hosts

Hi @eingemaischt, welcome to the forum!

I’m not sure I really understand what you’re trying to do (I just don’t know much about SSH) but I suspect Pectojin is correct that what you’re wanting to do is currently supported. :frowning:

However, you may be able to do something with --run-script-before and --run-script-after steps to sort of do what you want in a clumsy way…

Alternatively, using a external scheduler and calling Duplicati via command line might also do the trick.

Duplicati does not use OpenSSH, maybe due to portability needs, plus the need for a programming interface. Supporting the huge number of OpenSSH options would also be way too much. Fortunately, the flexibility that OpenSSH programs provide might allow you to do something like @JonMikelV may have in mind, such as to have ssh port forward from localhost on the Duplicati system all the way through to port 22 on the destination. Beware of company rules about connections at the network level. If this is your own gear, ample options exist.

Encrypting and de-encrypting over multiple ssh hops will probably slow things down. More direct will be faster, however feasibility depends on the situation, including the hosts involved and other security considerations…

Regarding the possibility of someday (probably not soon) adding jump host support, the SSH.NET library has support for running commands, but Duplicati doesn’t use it, and I’m not sure if it could be stitched onto SFTP (which Duplicati does use) to make something that sets up a multi-hop SSH tunnel, then runs SFTP over that. Meanwhile, there might be the abovementioned way to roll your own using scripts before and/or after backup.