A connection with -oProxyJump=REMOTEMACHINE
does not read the private key from REMOTEMACHINE:~/.ssh/
because it's like nested tubes, not like a daisy chain.
A straightforward approach is to copy the private key from REMOTEMACHINE
to the local one, then use the local copy of the key. This can be done with scp, sftp
or even with:

    ssh REMOTEMACHINE 'cat ~/.ssh/id_rsa' > /path/to/private/dir/local_copy

If you don't want to store the key in a local regular file then consider "borrowing" the key:
Start a local ssh-agent (you can skip this step if there is already an agent running and available, and it does not hold too many keys (read about a possible problem with too many keys here)):

    # locally
    eval "$(ssh-agent)"

Connect to the REMOTEMACHINE with agent forwarding and load ("borrow") the key into the local agent:

    # locally
    ssh -A REMOTEMACHINE ssh-add

Now any program that uses the local agent (see "Understanding ssh-agent" in this answer) will be able to authenticate with the "borrowed" key. You can now connect from local to HIDDENMACHINE (with -J / -oProxyJump= if needed).
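
The "borrow" step above wrapped so that the key expires on its own and the result is checked; this is an added example, not part of the original answer. The function names, the lifetime argument (ssh-add -t) and the SSH_BIN/SSH_ADD_BIN overrides are assumptions introduced here.

```shell
#!/bin/sh
# Added example (not from the original answer). borrow_key and agent_fingerprints
# are hypothetical helper names; REMOTEMACHINE/HIDDENMACHINE are the page's placeholders.
SSH_BIN=${SSH_BIN:-ssh}              # overridable, so the logic can be exercised with stubs
SSH_ADD_BIN=${SSH_ADD_BIN:-ssh-add}

# Print the fingerprints held by the local agent, one per line.
# ssh-add -l exits 1 for an empty agent and 2 when no agent is reachable.
agent_fingerprints() {
    _rc=0
    _out=$("$SSH_ADD_BIN" -l 2>/dev/null) || _rc=$?
    if [ "$_rc" -eq 2 ]; then return 2; fi
    if [ "$_rc" -eq 0 ]; then printf '%s\n' "$_out" | awk '{print $2}'; fi
    return 0
}

# borrow_key HOST [LIFETIME_SECONDS]
# Prints the fingerprint(s) that appeared in the local agent.
# Returns 0 on success, 1 if ssh/ssh-add failed, 2 if no local agent,
# 3 if nothing new was loaded.
borrow_key() {
    _host=$1
    _life=${2:-3600}
    _before=$(agent_fingerprints) || { echo "no local ssh-agent reachable" >&2; return 2; }
    # The local agent is forwarded to HOST only for this single command.
    # ssh-add runs on HOST, reads HOST's default key files and hands the key to
    # the forwarded (local) agent; -t makes the agent drop it after LIFETIME seconds.
    "$SSH_BIN" -A "$_host" ssh-add -t "$_life" || return 1
    _after=$(agent_fingerprints) || return 2
    _new=0
    for _fp in $_after; do
        if ! printf '%s\n' "$_before" | grep -qxF -- "$_fp"; then
            printf '%s\n' "$_fp"
            _new=1
        fi
    done
    if [ "$_new" -eq 0 ]; then
        echo "no new key in the agent (already loaded, or no default key on $_host)" >&2
        return 3
    fi
    return 0
}

# Usage, in a shell where the local agent is running:
#   borrow_key REMOTEMACHINE 900 && ssh -J REMOTEMACHINE HIDDENMACHINE
```

Compare the printed fingerprint with the one you expect for the key on REMOTEMACHINE before relying on it.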