For a work project, I was required to take copies of files from one machine at one data center, and copy those files [via scp] through a tunnel and a bastion server at another data center, and then onto a variety of different machines there.

This proved to be a little trickier than I thought, but ~/.ssh/config can be easily setup to ensure that you can access remote machines via proxies very quickly and easily.

If you do not have a ~/.ssh/config file, it is OK to create it. Just ensure that, if you receive “bad owner or permissions” for your ~/.ssh/config file, you adjust them to fix:

chmod 600 ~/.ssh/config

After that, you need to then start adjusting the config file. From my local machine, I setup the following rules:

Host target_host
 User my_username
 HostName target_host
 ProxyCommand ssh my_username@proxy_machine nc %h %p 2> /dev/null

Using these rules, I was able to ssh into the machine by using just ssh target_host from my local.

On the proxy machine and target hosts, you can also easily add some ssh keys so that you can copy files without the need for a password.