Multi-Hop Login Using Xshell
You may find yourself in a situation where you need to connect to your server only through the gateway server.
There are several ways to accomplish this using Xshell.
OpenSSH's ProxyCommand Feature
Below is a sample of an OpenSSH configuration with the ProxyCommand setting:
+--------+ +----------+ +-----------+ | Source | <---> | gw_svr | <--> | dest_svr | +--------+ +----------+ +-----------+
In the above case, if your source machine is implemented with OpenSSH, you can simply use the following command:
$ ssh -o ProxyCommand='ssh user_of_gw_svr@gw_svr nc dest_svr 22' user_of_dest_svr@dest_svr
Or you can configure your personal ssh config file in your .ssh/config:
$ vi ~/.ssh/config
You'll need to append the following configuration:
Host myserver # session name that can be any. HostName dest_svr # the real host name that can be reached. User user_of_dest_svr Port 22 ProxyCommand ssh user_of_gw_svr@gw_svr nc %h %p
Then you can connect to your server using the following command:
$ ssh myserver
Login Scripts Feature of Xshell
You can also connect entirely using Xshell's sessions properties interface. The below outlines a simple case from session properties:The expect string will differ, of course, depending on your situation.
SSH_PASSTHROUGH of Xshell's Proxy
Add the following to your sshd_config file and restart sshd:
AcceptEnv XSHELL_HOSTNAME XSHELL_USERNAME XSHELL_PASSWORD XSHELL_PORT XSHELL_PROTOCOL
Make a proxy configuration and select it in your session file.
The host listed under the Connection category must be your destination server.
Now you'll need to edit the startup script of your gw_svr (gateway server).
$ vi ~/.bash_profile
Depending on your preferred shell, your startup script may be .proilfe, .cshrc, etc. Insert the following scrip for jumping to the destination server:
$ vi ~/.bash_profile if [ $XSHELL_PROTOCOL ]; then echo echo "Jumping to $XSHELL_HOSTNAME..." echo /usr/bin/expect -c " log_user 0 if { \"$XSHELL_PROTOCOL\" == \"TELNET\" } { spawn -noecho telnet $XSHELL_HOSTNAME $XSHELL_PORT -l $XSHELL_USERNAME expect -nocase \"assword:\" if { \"$XSHELL_PASSWORD\" != \"\" } { send \"$XSHELL_PASSWORD\r\" } } else { spawn /usr/bin/ssh $XSHELL_HOSTNAME -p $XSHELL_PORT -l $XSHELL_USERNAME expect { -nocase \"assword:\" { if { \"$XSHELL_PASSWORD\" != \"\" } { send \"$XSHELL_PASSWORD\r\" } } } } interact " logout fi