Access to Internal Server From Jump Server

wy

Using a Jump Server for Internal Network Access

In scenarios where direct access to internal network resources is restricted due to security policies, a jump server (also known as a bastion host) acts as an intermediary that provides a secure path to these resources from an external network. This method is commonly used to manage servers, databases, and other critical infrastructure securely.

Purpose

Use a jump server for SSH tunneling, allowing secure connection to a remote server within a protected network.

Operating Environment

macOS

Prerequisites

  • Jump Server Password: The password required to access the jump server.
  • Remote Server Password: The password needed to log into the remote server.

Some Terminal Commands

  • ssh-keygen -t rsa: Generates a new RSA key pair, which is used for secure SSH connections. This command creates a private key and a public key, stored by default in ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub, respectively.

  • ssh Jumpmachine: Connects to the jump server using SSH. Replace Jumpmachine with the hostname or IP address of your jump server.

  • ssh -v Jumpmachine: Connects to the jump server using SSH with verbose output. The -v option increases verbosity, which can help diagnose connection, authentication, and configuration problems. Replace Jumpmachine with the hostname or IP address of your jump server.

These commands are fundamental for establishing a secure channel between your local machine and the jump server.

Configuring SSH in VSCode

To connect to your remote server via a jump server using VSCode’s SSH capabilities, you need to configure the SSH settings properly. Below is a sample configuration for the ~/.ssh/config file:

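# Configuration for the remote server
Host RemoteServerAlias
    HostName [Remote-Server-IP]
    User [Remote-Server-User-ID]
    # Reach the remote server through the jump server defined below
    ProxyCommand ssh -W %h:%p JumpServerAlias

# Configuration for the jump server
Host JumpServerAlias
    HostName [Jump-Server-Domain]
    Port 22
    User [Jump-Server-User-ID]
    # The next two lines enable legacy algorithms (ssh-dss, SHA-1 ssh-rsa,
    # diffie-hellman-group1-sha1) that current OpenSSH disables by default.
    # Keep them only if the jump server offers nothing newer.
    HostkeyAlgorithms ssh-dss,ssh-rsa
    KexAlgorithms +diffie-hellman-group1-sha1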
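
A small audit of the legacy-algorithm lines in the configuration above, as an added example that is not part of the original post: it parses ssh_config text and reports, per Host block, which SHA-1 based algorithms are enabled and whether the line replaces OpenSSH's default list (no + prefix) or only adds to it. The SAMPLE text uses constructed placeholder values, and audit is a hypothetical helper name.

```python
import re

# SHA-1 based algorithms that current OpenSSH releases disable by default.
WEAK = {
    "hostkeyalgorithms": {"ssh-dss", "ssh-rsa"},
    "kexalgorithms": {"diffie-hellman-group1-sha1", "diffie-hellman-group14-sha1",
                      "diffie-hellman-group-exchange-sha1"},
}

# Constructed sample mirroring the configuration above (placeholder values).
SAMPLE = """\
Host RemoteServerAlias
    HostName 10.0.0.5
    User alice
    ProxyCommand ssh -W %h:%p JumpServerAlias

Host JumpServerAlias
    HostName jump.example.com
    HostkeyAlgorithms ssh-dss,ssh-rsa
    KexAlgorithms +diffie-hellman-group1-sha1
"""

def audit(config_text):
    """Return (host, keyword, weak_names, replaces_defaults) per risky line."""
    findings, host = [], "*"  # options before any Host line apply to all hosts
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # ssh_config accepts both "Keyword value" and "Keyword=value".
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) != 2 or not parts[1]:
            continue
        key, value = parts[0].lower(), parts[1]
        if key == "host":
            host = value
        elif key in WEAK and not value.startswith("-"):  # "-" removes names
            names = set(value.lstrip("+^").split(","))
            weak = sorted(names & WEAK[key])
            # Without a "+" or "^" prefix the list replaces the defaults, so
            # the client will negotiate only what is written on the line.
            replaces = value[0] not in "+^"
            if weak:
                findings.append((host, key, weak, replaces))
    return findings

if __name__ == "__main__":
    for host, key, weak, replaces in audit(SAMPLE):
        mode = "replaces defaults" if replaces else "added to defaults"
        print(f"{host}: {key} enables {', '.join(weak)} ({mode})")
```

To check a real file, pass its contents to audit, for example the text read from ~/.ssh/config.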

Final Connection Steps

To connect to the server in VSCode, simply open the Remote Explorer, select RemoteServerAlias, and enter your server password when prompted.

  • Title: Access to Internal Server From Jump Server
  • Author: wy
  • Created at : 2024-07-14 00:05:19
  • Updated at : 2024-07-19 17:18:21
  • Link: https://yuuee-www.github.io/blog/2024/07/14/Access-to-Internal-Server-From-Jump-Server/
  • License: This work is licensed under CC BY-NC-SA 4.0.