
Tools to configure and use an SSH proxy server

== Welcome to sshGate server ==

sshGate is a tool that helps configure an OpenSSH server as an SSH proxy. It uses the double SSH method to reach a target host: the user connects to sshGate, and sshGate connects to the target. sshGate holds the private SSH keys of the target hosts, performs ACL checks, and can log what users do on a given target host.

                    /-------> target host N
                   /-------->     . . .
     user ----> sshGate ----> target host 1
                  |-> ACL
                  |-> targets private sshkeys
                  |-> users public sshkeys

sshGate is released under the GPLv2 license.

  • Server project is located at http://github.com/Tauop/sshGate
  • Client project is located at http://github.com/Tauop/sshGate-client
  • ScriptHelper project is located at http://github.com/Tauop/ScriptHelper

== Install & Upgrade ==

If you grab the source from github.com, you need to build an sshGate-server tarball. For more information: https://github.com/Tauop/sshGate/wiki/BuildPackages

Just run the ./install.sh script and answer the questions. If you are upgrading, the installed configuration can be reused and data migration can be performed.

For more information: https://github.com/Tauop/sshGate/wiki/ServerInstallation

== Documentation ==

The project documentation is available on the github wiki at http://github.com/Tauop/sshGate/wiki

== Configuration ==

After installation, the sshGate configuration can be changed through the sshgate-configure script, or by editing setting values in the /etc/sshgate.conf file. This configuration file holds the main settings and can also override internal settings.

Main settings:

  • SSHGATE_VERSION : version of sshGate (do not edit)
  • SSHGATE_BUILD : the build number of sshGate (internal use - do not edit)
  • SSHGATE_DIRECTORY : root directory of sshGate program
  • SCRIPT_HELPER_DIRECTORY : ScriptHelper dependency directory
  • SSHGATE_GATE_ACCOUNT : the unix account used by sshGate
  • SSHGATE_ALLOW_REMOTE_COMMAND : allow remote commands such as "sshg 'cmd list targets'"? default: Y
  • SSHGATE_USE_REMOTE_ADMIN_CLI : allow the remote administration CLI? default: Y
  • SSHGATE_USERS_MUST_ACCEPT_TOS : do users have to accept the TOS at their first connection? default: Y
  • SSHGATE_EDITOR : editor program used by sshGate. default: ${EDITOR}
  • SSHGATE_TARGETS_SCP_PATH : default SCP path when it's not specified. default: ~/
  • SSHGATE_TARGET_DEFAULT_SSH_LOGIN : default ssh login to use when connecting to target host. default: root
  • SSHGATE_DEFAULT_LANGUAGE : The default language of sshGate users
  • SSHGATE_MAIL_SEND : is sshGate mail notification activated? default: N
  • SSHGATE_MAIL_TO : e-mail address that notifications are sent to if [SSHGATE_MAIL_SEND] is 'Y'
  • SSHGATE_MAIL_SUBJECT : E-mail subject to use
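
The defaults listed above determine what the gateway exposes when a setting is absent from the configuration file. The following script is an added example, not part of sshGate: it assumes /etc/sshgate.conf holds shell-style KEY=value lines where the last assignment wins, and the function names sshgate_default, sshgate_effective and sshgate_review are hypothetical.

```shell
#!/bin/sh
# Added example, not sshGate code. Assumes KEY=value lines, optionally quoted.

# Defaults exactly as documented in the "Main settings" list.
sshgate_default() {
  case "$1" in
    SSHGATE_ALLOW_REMOTE_COMMAND|SSHGATE_USE_REMOTE_ADMIN_CLI) echo Y ;;
    SSHGATE_USERS_MUST_ACCEPT_TOS) echo Y ;;
    SSHGATE_MAIL_SEND) echo N ;;
    SSHGATE_TARGET_DEFAULT_SSH_LOGIN) echo root ;;
    *) return 1 ;;   # no documented default
  esac
}

# Effective value of setting $2 in file $1: last assignment, else the default.
# The file is read as text and never sourced, so auditing it cannot run
# whatever shell code a tampered file might contain.
sshgate_effective() {
  line=$(grep -E "^[[:space:]]*$2=" "$1" 2>/dev/null | tail -n 1)
  if [ -z "$line" ]; then
    sshgate_default "$2"
    return
  fi
  # Drop "KEY=", trailing blanks, then one pair of surrounding quotes.
  printf '%s\n' "$line" | sed -e 's/^[^=]*=//' -e 's/[[:space:]]*$//' \
    -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Mark the settings that widen what the gateway exposes: remote commands,
# the remote admin CLI, and root as the default login on target hosts.
sshgate_review() {
  for key in SSHGATE_ALLOW_REMOTE_COMMAND SSHGATE_USE_REMOTE_ADMIN_CLI \
             SSHGATE_TARGET_DEFAULT_SSH_LOGIN; do
    val=$(sshgate_effective "$1" "$key")
    case "$key=$val" in
      *_COMMAND=[Yy]|*_CLI=[Yy]|*_LOGIN=root) echo "$key=$val review" ;;
      *) echo "$key=$val ok" ;;
    esac
  done
}

# Demo on a constructed sample file (not a real deployment).
demo=$(mktemp)
printf '%s\n' "SSHGATE_USE_REMOTE_ADMIN_CLI='N'" \
  'SSHGATE_TARGET_DEFAULT_SSH_LOGIN="deploy"' > "$demo"
sshgate_review "$demo"
rm -f "$demo"
```

A setting marked "review" is either still at its documented default or explicitly set to the permissive value; both cases deserve a deliberate decision on a host that holds the target private keys.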

Other settings which can be overridden in /etc/sshgate.conf:

  • SSHGATE_DIR_DATA : sshGate data root directory
  • SSHGATE_DIR_TEMPLATES : Directory containing multi-language templates
  • SSHGATE_DIR_BIN : binaries of sshGate. default: [SSHGATE_DIRECTORY]/bin
  • SSHGATE_DIR_CORE : all sshGate 'func' and 'core' files (internal sshGate library)
  • SSHGATE_DIR_TEST : sshGate test files
  • SSHGATE_DIR_USERS : users data (ssh keys and properties)
  • SSHGATE_DIR_TARGETS : targets data (ssh keys, properties, access, logins, ...)
  • SSHGATE_DIR_USERS_GROUPS : usergroups data
  • SSHGATE_DIR_LOGS : logs root directory
  • SSHGATE_DIR_LOGS_TARGETS : targets logs directory
  • SSHGATE_DIR_LOGS_USERS : users logs directory
  • SSHGATE_DIR_ARCHIVE : logs archives directory
  • SSHGATE_TARGET_PRIVATE_SSHKEY_FILENAME : filename of the target private ssh key
  • SSHGATE_TARGET_PUBLIC_SSHKEY_FILENAME : filename of the target public ssh key
  • SSHGATE_TARGET_DEFAULT_PRIVATE_SSHKEY_FILE : path to the default target private ssh key file
  • SSHGATE_TARGET_DEFAULT_PUBLIC_SSHKEY_FILE : path to the default target public ssh key file
  • SSHGATE_TARGETS_USER_ACCESS_FILENAME : name of the target users access file
  • SSHGATE_TARGETS_USERGROUP_ACCESS_FILENAME : name of the target usergroup access file
  • SSHGATE_TARGETS_SSH_CONFIG_FILENAME : name of the target ssh configuration file
  • SSHGATE_TARGETS_SSH_LOGINS_FILENAME : name of the target ssh login list file
  • SSHGATE_LOGS_CURRENT_SESSION_FILE : path to the current session log file
  • SSHGATE_TOS_FILENAME : name of the file containing TOS