sshGate is a tool which helps to configure an OpenSSH server in order
to have a SSH proxy. sshGate uses the double SSH method to be able to
connect to a target host. In fact, sshGate has private ssh-keys of
target hosts, makes ACL checks and can log what users do on a given
target host.
sshGate is distributed under GLPv2 license.
--------------------------------------------------------
To install sshGate-server, you need the sshGate-server-<version>.tar.gz tarball.
First, untar the sshGate-server-<version>.tar.gz and got into the created directory :
The installation procedure makes those actions on the system :
from https://github.com/Tauop/sshGate/wiki/Installation
sshGate is distributed under GLPv2 license.
List of features
- ssh & scp support
- Access Control List
- ssh-key authentification support
- OpenSSH client and Windows Putty support
- Administration CLI
- logs of what users do on target hosts
Read more
- Build package
- Dev. Environment setup
- sshGate-server: Installation
- sshGate-server: Configuration settings
- sshGate-server: List of CLI commands
- sshGate-server: Description of directories and files
- sshGate-server: Data files format
- sshGate-server: Internals
--------------------------------------------------------
sshGate-server Installation
To install sshGate-server, you need the sshGate-server-<version>.tar.gz tarball.
First, untar the sshGate-server-<version>.tar.gz and got into the created directory :
tauop@Tauopbox:/tmp/example$ tar zxvf sshGate-server-0.2-0.69.tar.gz tauop@Tauopbox:/tmp/example$ cd sshGate-server-0.2-0.69/Then, run the install.sh script and answer to questions :
tauop@Tauopbox:/tmp/example/sshGate-server-0.2-0.69$ sudo ./install.sh
--- sshGate server installation ---
by Patrick Guiran
NOTICE: ScriptHelper will be installed as part of sshGate, not system-wide
If you want to install ScriptHelper system-wide, please visit http://github.com/Tauop/ScriptHelper
Where do you want to locate sshGate [/opt/sshgate] ?
Which unix account to use for sshGate users [sshgate] ?
What the default user account to use when connecting to target host [root] ?
List of avariable languages: fr us
Default language for user messages [us] ?
Which editor to use [vim] ?
Activate mail notification system [N] ?
Do users have to accept TOS when connecting for the first time [Y] ?
Allow remote command [Y] ?
Allow remote administration CLI [Y] ?
Configure sudo with NOPASSWD to launch remote admin CLI [Y] ?
- Reload configuration ... OK
- Installing sshGate ... OK
- Generate default sshkey pair ... OK
- Setup files permissions ... OK
- Install archive cron ... OK
- configure /etc/sudoers ... OK
You need to add the first user of sshGate, which will be sshGate administrator.
This user will allow you to manage other users, targets and accesses.
user login ? pguiran
user mail ? pguiran@linagora.com
In order to administrate sshGate, just ssh this host with this user
If you have installed sshGate client -> sshg cli
with standard ssh client -> ssh -t sshgate@Tauopbox cli
from this terminal -> /opt/sshgate/bin/sshgate-cli -u pguiran
NOTICE: You may add /opt/sshgate/bin in your PATH variable
tauop@Tauopbox:/tmp/exmaple/sshGate-server-0.2-0.69$
installed components
Here is a description of what the install.sh script make on the system. When talking about directories, we use answers given in the example above.The installation procedure makes those actions on the system :
- Install sshGate structure and files in in /opt/sshgate/
- Generate default ssh key pairs for target host
- Create sshgate unix account
- Install archive-log.sh in /etc/cron.monthly/
- Configure /etc/sudoers to allow remove CLI administration
- Create the first sshGate user (which will be admin and not restricted by ACL)
from https://github.com/Tauop/sshGate/wiki/Installation
