Menu
▾
▴
Re: [Astlinux-users] Accessing devices behind Astlinux
|
From: Michael K. <li...@mk...> - 2023-08-18 16:19:44
|
Here is also an interesting video regarding jump servers: https://www.youtube.com/watch?v=KIeBC7NIzj4 Michael http://www.mksolutions.info > Am 18.08.2023 um 17:44 schrieb Michael Keuter <li...@mk...>: > > Nice video, very interesting. > > BTW: on macOS you can install Proxychain via Homebrew with: > > brew install proxychains-ng > > and call it with "proxychain4 firefox". > >> Am 18.08.2023 um 17:02 schrieb Lonnie Abelbeck <li...@lo...>: >> >> Hi Michael, >> >> I don't have any personal experience to share, but Tom Lawrence has a related video [1] >> >> Youtube: SSH Jump Server Access and How To Pivot Using OpenVPN & Proxychains >> >> I suspect this could all be done with SSH+SOCKS (Proxychains) and no OpenVPN tunnel as his example does. >> >> Key takeaways are to encrypt the Jump Server's drive (and backup), keep it local and secure from the internet, limit remote AstLinux SSH access via its firewall and Jump Server ssh key. >> >> >> Alternatively, some sort of automation to keep the remote AstLinux SSH keys updated from one hardened location. >> >> Lonnie >> >> [1] https://www.youtube.com/watch?v=jqudlmfG0zA >> >> >> >>> On Aug 18, 2023, at 2:17 AM, Michael Knill <mic...@ip...> wrote: >>> >>> Hi All >>> >>> Here is the issue: >>> We access devices behind Astlinux currently using SSH Tunnelling and SOCKS. It works well however it is becoming increasingly difficult in managing local authentication to do this such as using SSH Keys. >>> We are going to be bringing on additional staff and I don’t want to have to go into every system to add credentials or keys every time we bring on a new staffmember. >>> >>> Just wondering if there are any options for external authentication of SSH rather than local on Astlinux e.g. using RADIUS >>> Could there be any other options e.g. HTTPS proxy? >>> >>> Regards >>> >>> Michael Knill >>> Managing Director |
