1.0 KiB
SSH Gateways
The purpose of the ssh gateways is to give temporary access to protected networks and resources. Users are only supposed to use ssh to connect to and on the gateways. They are not supposed to only use the ssh command to further connect to the machine they need to connect to.
The access to the gateway is controlled by special ActiveDirectory groups. The membership of the groups are managed by the responsible of the protected network the gateway gives access to. In case of a beamline this is the beamline scientist.
Connecting to a gateway:
ssh <gateway-name>-gw
To avoid having to type your password to connect to the gateway you can upload your ssh public key to it. This can be done by:
ssh-copy-id <gateway-name>-gw
Afterwards you should be able to login to the gateway without a password.
Establishing an SSH connection through the gateway to a machine inside the protected network:
ssh -J <gateway-name>-gw <name-of-the-machine-you-want-to-connect>