You may find yourself in a situation where you need to connect to your server only through the gateway server.
There are several ways to accomplish this using Xshell.
OpenSSH's ProxyCommand Feature
Below is a sample of an OpenSSH configuration with the ProxyCommand setting:
| Code Block |
|---|
+--------+ +----------+ +-----------+ | Source | <---> | gw_svr | <--> | dest_svr | +--------+ +----------+ +-----------+ |
In the above case, if your source machine is implemented with OpenSSH, you can simply use the following command:
| Code Block |
|---|
$ ssh -o ProxyCommand='ssh user_of_gw_svr@gw_svr nc dest_svr 22' user_of_dest_svr@dest_svr |
Or you can configure your personal ssh config file in your .ssh/config:
| Code Block |
|---|
$ vi ~/.ssh/config |
You'll need to append the following configuration:
| Code Block |
|---|
Host myserver # session name that can be any. HostName dest_svr # the real host name that can be reached. User user_of_dest_svr Port 22 ProxyCommand ssh user_of_gw_svr@gw_svr nc %h %p |
Then you can connect to your server using the following command:
| Code Block |
|---|
$ ssh myserver |
Login Scripts Feature of Xshell
You can also connect entirely using Xshell's sessions properties interface. The below outlines a simple case from session properties:
...
The expect string will differ, of course, depending on your situation.
SSH_PASSTHROUGH of Xshell's Proxy
Add the following to your sshd_config file and restart sshd:
AcceptEnv XSHELL_HOSTNAME XSHELL_USERNAME XSHELL_PASSWORD XSHELL_PORT XSHELL_PROTOCOL
Make a proxy configuration and select it in your session file.
...
The host listed under the Connection category must be your destination server.
...
Now you'll need to edit the startup script of your gw_svr (gateway server).
| Code Block |
|---|
$ vi ~/.bash_profile |
Depending on your preferred shell, your startup script may be .proilfe, .cshrc, etc. Insert the following scrip for jumping to the destination server:
| Code Block |
|---|
$ vi ~/.bash_profile
if [ $XSHELL_PROTOCOL ]; then
echo
echo "Jumping to $XSHELL_HOSTNAME..."
echo
/usr/bin/expect -c "
log_user 0
if { \"$XSHELL_PROTOCOL\" == \"TELNET\" } {
spawn -noecho telnet $XSHELL_HOSTNAME $XSHELL_PORT -l $XSHELL_USERNAME
expect -nocase \"assword:\"
if { \"$XSHELL_PASSWORD\" != \"\" } {
send \"$XSHELL_PASSWORD\r\"
}
} else {
spawn /usr/bin/ssh $XSHELL_HOSTNAME -p $XSHELL_PORT -l $XSHELL_USERNAME
expect {
-nocase \"assword:\" {
if { \"$XSHELL_PASSWORD\" != \"\" } {
send \"$XSHELL_PASSWORD\r\"
}
}
}
}
interact
"
logout
fi |