Share via

Computer certificate authentication using LSA S4U logon and AD mapping constraints

TRIM STS 0 Reputation points
2026-04-19T14:49:00.8333333+00:00

I’m working in a small lab environment at my office where I use a Windows workstation with Visual Studio Code installed to manage a couple of Linux VMs. The setup is a bit restrictive because of network segmentation rules enforced by our internal IT team, and it’s starting to slow down my workflow during testing.

Right now, I can only SSH directly from my Windows machine into VM1. From there, VM2 is reachable, but VM2 is completely isolated from my Windows workstation, so a direct SSH connection from Windows to VM2 is not possible at all. I do have VSCode Remote-SSH working fine into VM1, but I’m trying to figure out if there’s a clean way to reach VM2 through VM1 without manually jumping through terminals every time, since I’ll be switching between both machines frequently during development and it’s getting kinda repetitive. I also havent fully figured out the best VSCode configuration for this kind of chained access setup.

Windows for business | Windows Server | Devices and deployment | Configure application groups
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Harry Phan 22,230 Reputation points Independent Advisor
    2026-04-19T15:16:08.2+00:00

    Hi TRIM,

    The cleanest way to handle this in VSCode is to configure a chained SSH setup using the ProxyJump directive in your SSH config file. On your Windows workstation, edit %USERPROFILE%\.ssh\config and add an entry for VM2 that specifies VM1 as the jump host. For example:

    Host vm1
    HostName <VM1_IP>
    User <username>
    IdentityFile <path_to_key>

Host vm2
    HostName <VM2_IP>
    User <username>
    ProxyJump vm1
    IdentityFile <path_to_key>

    Once this is in place, VSCode Remote-SSH can connect directly to vm2 by name, and it will automatically tunnel through VM1 without you needing to manually hop terminals. This approach is supported natively by OpenSSH and avoids repetitive manual jumps. If you’re using VSCode’s Remote-SSH extension, make sure it points to the same config file, and restart VSCode after saving changes. This way you can switch between VM1 and VM2 seamlessly in the VSCode explorer without breaking your workflow.

    I hope this information clarifies your question. If it does, please mark the answer as accepted or give it a thumbs up to let me know. Wishing you a great day ahead.

    Harry.

    Was this answer helpful?

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.