Controls/gitea-pages
0
2
Fork 0
Code Pull Requests Actions Activity
Files
a0b6092f9b79fd96da84dcfea4cbcd6a8e979ddc
gitea-pages/services/user-guide/ssh_gateways.md
ebner 17bba8ef76 add windows info
2024-12-23 11:16:59 +01:00

82 lines
2.9 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# SSH Gateways
The purpose of the ssh gateways is to give temporary access to protected networks and resources. Users are only supposed to use __ssh__ to connect to and from the gateways.
The access to the gateway is controlled by special ActiveDirectory groups. The membership of the groups are managed by the responsible of the protected network the gateway gives access to. In case of a beamline this is the beamline scientist.
Connecting to a gateway:
```bash
ssh <gateway-name>-gw
```
To avoid having to type your password to connect to the gateway you can upload your ssh public key to it. This can be done by:
```bash
ssh-copy-id <gateway-name>-gw
```
Afterwards you should be able to login to the gateway without a password.
Establishing an SSH connection through the gateway to a machine inside the protected network:
```bash
ssh -J <gateway-name>-gw <name-of-the-machine-you-want-to-connect>
```
## Request Gateway Access
Access to a Gateway can be requested via Service Now with the following workflow:
Open Service Now and https://psi.service-now.com/psisp and browse to the __Request Gateway Access__ Workflow as follows:
![](_static/ssh_gateways_01.png)
![](_static/ssh_gateways_02.png)
Alternatively you can search for "Gateway" in the search field.
![](_static/ssh_gateways_04.png)
Afterwards specify the user and the Gateway you request access for:
![](_static/ssh_gateways_03.png)
Once the request is submitted the responsible person for the Gateway Access List will be informed and requested for approval. Once the Approval is given the user will be automatically added to the necessary AD group.
## Using SSH Gateways with Windows
1. Open Command Prompt
Run CMD: Press Windows Key + R, type cmd, and press Enter.
Alternatively, search for "Command Prompt" (“Eingabeaufforderung” in German) in the search bar and select it.
2. Connecting to a Gateway
```powershell
ssh <username>@<gateway-name>-gw
```
3. Establish an SSH connection through the gateway to a machine inside the protected network
```powershell
ssh -J <username>@<gateway-name>-gw <username>@<name-of-the-machine-you-want-to-connect>
```
### Optional: Save the Connection in a Batch File
Saving the Connection in a Batch Script lets you re-use the command. This way you wont have to retype it every time you use the same connection again.
Open Notepad:
- Press Windows Key + R, type `notepad`, and press `Enter`.
- Type the SSH command, for example:
```
ssh -J <username>@<gateway-name>-gw <username>@<name-of-the-machine-you-want-to-connect>
```
- Save the File as a Batch File: Click on File > Save As.
- Set the file name, e.g., connect-to-gateway.bat.
- Choose "Save as type": Select All Files.
- Ensure the file extension is .bat (e.g., connect-to-gateway.bat).
- Save the file in a convenient location, such as your Desktop.
Run the Batch File:
- Double-click the .bat file to execute the SSH command.
View Git Blame Copy Permalink