Thursday, July 23, 2015

Configure Putty tunnel

WinSCP Config

The WinSCP Config is quite simple and utilizes its “tunnel” feature. Open WinSCP and configure a saved session for the final destination host as follows:

On the Session page, fill in the hostname and user name for the final destination host. Leave the password blank.
Check the “Advanced options” box in the login dialog.
Select the Connection –> Tunnel page.
Check the “Connect through SSH tunnel” box.
Fill in the Host name and user name of the intermediate host. Leave the password blank.
Save the session using the button in the lower right-hand corner of the window.

When you log in using the new profile, you will be prompted for two passwords. The first is for your account on the intermediate host, and the second is for your account on the final-destination host. After login, the bounce is entirely transparent and WinSCP works as if you had connected directly to the final-destination host. The connection process can be made even more transparent and secure by using public key authentication with Pageant instead of passwords.

Putty Config

The Putty setup is slightly more complicated and requires that public key authentication be used on the intermediate host. It utilizes Putty’s “local proxy” feature, which allows you to specify an arbitrary command on the local machine to act as a proxy. Instead of creating a TCP connection, PuTTY will communicate using the proxy program’s standard input and output streams. Our local proxy will be plink, which is a command-line ssh connection program included in the Putty default installation. Plink’s -nc option provides functionality similar to the ProxyCommand/netcat approach, but does so using the ssh server’s native port-forwarding interface and does not require that netcat be installed on the intermediate system. To set things up, configure a saved session for the final destination host:

Configure public key authentication for the intermediate host and make sure it works.

Start putty and on the “Session” page of the “Putty Configuration Dialog” that appears, fill in the host name and user name for the final destination host.

Switch to the Connection –> Proxy page, select “Local” as the proxy type enter the following as the local proxy command: plink.exe -l username -agent -nc %host:%port

Save the session.

C:\Program Files (x86)\PuTTY\plink.exe -l username -agent -nc %host:%port

connect %host %port\n

No comments :

Post a Comment