Categorygithub.com/cea-hpc/sshproxy
module
1.6.3
Repository: https://github.com/cea-hpc/sshproxy.git
Documentation: pkg.go.dev
Overview
Versions
2
Dependencies
0
Dependents
0
Files
0

# README

sshproxy

image:https://api.cirrus-ci.com/github/cea-hpc/sshproxy.svg["Build Status", link="https://cirrus-ci.com/github/cea-hpc/sshproxy"]

What is sshproxy?

sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. scp, sftp, rsync, etc. are supported.

sshproxy defines routes which bind an SSH listening address to a pool of destination hosts. It can then choose the first available destination or load-balance the connections with a simple round-robin algorithm.

Because of its design sshproxy is stateless (it is launched as a +ForceCommand+ by sshd). It can be made stateful by using etcd allowing to:

  • remember users connections and always connects a user to the same destination while a connection to this destination is alive,
  • periodically check if destination hosts are alive.

States stored in etcd can be displayed or modified with the +sshproxyctl+ command.

sshproxy can be configured to monitor SSH sessions and either to save them in files or to send them to the very simple +sshproxy-dumpd+ daemon. Sessions can be replayed with the +sshproxy-replay+ command.

Compilation

Install the Go (version >= 1.20) compiler suite: see http://golang.org/doc/install for details.

Define and export the +$GOPATH+ directory where the source code will be unpacked (e.g. '$HOME/go'):

$ export GOPATH=$HOME/go
$ mkdir -p $GOPATH/src/github.com/cea-hpc
$ cd $GOPATH/src/github.com/cea-hpc
$ tar xvJf sshproxy-X.Y.Z.tar.xz

Compile everything:

$ make

Installation

Install binaries and manpages:

# make install

+sshproxy+ and +sshproxy-dumpd+ are installed in +/usr/sbin+, +sshproxyctl+ and +sshproxy-replay+ in +/usr/bin+.

Configuration

There is a commented configuration file in the +config+ directory.

Configure +/etc/sshproxy/sshproxy.yaml+ to suit your needs.

Modify the SSH daemon configuration +/etc/ssh/sshd_config+ by adding:

ForceCommand /usr/sbin/sshproxy

Copying

Copyright (C) 2015-2024 CEA/DAM/DIF

sshproxy is distributed under the CeCILL-B, a French transposition of the BSD license. See the included files +Licence_CeCILL-B_V1-en.txt+ (English version) and +Licence_CeCILL-B_V1-fr.txt+ (French version) or visit http://www.cecill.info for details.

Authors

Arnaud Guignard [email protected], Cyril Servant [email protected]

Documentation

See files in the +doc+ directory.

// vim:tw=78:ft=asciidoc:

# Packages

No description provided by the author
No description provided by the author