This article is for Shared Service Customers who need to configure ssh or PuTTY to connect to the RHEL Jump Box so they can maintain extended connections to Linux servers.
Shared Service RHEL Jump Box Usage
I. Connecting Options:
1. Linux:
ssh ${NIDAdmin}@net2799.net.ucf.edu
2. Windows (PuTTY):
Session -> Host Name = net2799.net.ucf.edu
II. SSH to another machine:
There are a few functions created for ease of use. Normal ssh will still work with your active Kerberos token if you don’t want to use these functions. You can check which token is active by running klist and checking the default principal. If it has expired, you can run kinit and enter your password again.
1. sshnet - switches to your NET domain Kerberos token (it will prompt for your password if a token does not exist) and then connects to the machine over ssh. You can specify either the name of the server or just the number.
Ex: sshnet net2799
2. sshdev - switches to your NETDEV domain Kerberos token (it will prompt for your password if a token does not exist) and then connects to the machine over ssh. You can specify either the name of the server or just the number.
3. sshqa - switches to your NETQA domain Kerberos token (it will prompt for your password if a token does not exist) and then connects to the machine over ssh. You can specify either the name of the server or just the number.
4. dssh - if the server name is in the format ${DOMAIN}XXXX, it calls the appropriate function listed above to switch Kerberos tokens and then connects to the server.
5. removeHost - removes a host from ~/.ssh/known_hosts. This will remove whatever is listed in argument 1 by name and IP.
Ex: removeHost net2799
Removes any line that contains net2799, runs dig to find the IP (10.225.7.11), and removes any lines that contain that IP.
III. SOCKS5 Proxy
1. Linux:
When connecting use: ssh -D8080 ${NIDAdmin}@net2799.net.ucf.edu
2. Windows (PuTTY):
Add the following configuration at: Connection -> SSH -> Tunnels
*Make sure to click Add before clicking Open/Apply!
Once you have the SOCKS5 proxy configured, you can point your applications at it. While you are connected to the jump server, they can then reach everything else as if your machine had direct access.
· Firefox/Chrome:
1. Install the Addon “FoxyProxy Standard”
FoxyProxy is an addon that allows for dynamic proxy configuration based on the address you are going to. The jump servers do not have internet access, so setting the SOCKS5 proxy globally would block your internet access.
2. Add a new proxy with the following details:
a. Proxy Type = SOCKS5
b. IP address = localhost
c. Port = 8080
d. Send DNS through SOCKS5 proxy = On
3. Add the following patterns:
4. Set the mode to “Use Enabled Proxies By Patterns and Priority”.
· FileZilla:
1. Edit -> Settings
2. Connection -> Generic proxy
3. Select SOCKS 5 and then enter the following information
a. Proxy host = localhost
b. Proxy port = 8080
· PuTTY:
1. Connection -> Proxy
a. Proxy type = SOCKS5
b. Proxy hostname = localhost
c. Port = 8080
IV. TMUX:
It is recommended to run everything inside of tmux so you will not lose your bash session if you get disconnected. A function has been provided to simplify resuming your tmux session. At the end of your ~/.bashrc file, you can call resumetmux. This function checks whether you are already inside a tmux session. If you are not, it checks for any disconnected sessions whose names start with “ssh” and reconnects to one. If it cannot find a disconnected session, it creates a new session with the name “sshX”, where X is replaced with an incremented number starting at 0.
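The session-selection logic described above, written out as an added example; it is not the resumetmux function installed on the jump box. The names choose_tmux_action and resumetmux_example are hypothetical, and choosing the lowest unused number for a new session is an assumption.

```shell
# Added illustration, not the jump box's own resumetmux.
# choose_tmux_action reads lines of "NAME ATTACHED_CLIENTS" on stdin, as printed by
#   tmux list-sessions -F '#{session_name} #{session_attached}'
# and prints "attach NAME" for the first detached session named ssh*, or
# "new sshN" with the lowest unused N, counting from 0 (an assumption).
choose_tmux_action() {
    used=" "
    while read -r name attached; do
        case "$name" in
            ssh*) ;;            # only sessions that start with "ssh" are considered
            *) continue ;;
        esac
        if [ "$attached" = "0" ]; then
            echo "attach $name" # detached session found: resume it
            return 0
        fi
        used="$used$name "      # attached elsewhere: remember the name as taken
    done
    n=0
    while :; do
        case "$used" in
            *" ssh$n "*) n=$((n + 1)) ;;
            *) break ;;
        esac
    done
    echo "new ssh$n"
}

# Hypothetical wrapper that could be called at the end of ~/.bashrc.
resumetmux_example() {
    # Already inside tmux: do nothing, so nested sessions are never created.
    [ -n "$TMUX" ] && return 0
    command -v tmux >/dev/null 2>&1 || return 0
    action=$(tmux list-sessions -F '#{session_name} #{session_attached}' 2>/dev/null \
        | choose_tmux_action)
    case "$action" in
        "attach "*) tmux attach-session -t "${action#attach }" ;;
        "new "*)    tmux new-session -s "${action#new }" ;;
    esac
}
```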
Useful tmux commands:
Ctrl+b " = Split horizontally
Ctrl+b % = Split vertically
Ctrl+b Spacebar = Rotate
Ctrl+b d = Disconnect
Ctrl+b c = Create window
Ctrl+b w = Select window
Ctrl+b , = Rename window
Ctrl+b x = Kill pane
Ctrl+b s = Select session
Ctrl+b ? = List current key bindings
Ctrl+b : = tmux command shell to run commands that are not bound to a shortcut
There are many more commands available by looking at `man tmux` under KEY BINDINGS.