------------------------------------------------------------------------------- PuTTY A complete GUI SSH installation, which runs independant to any system SSH. It was created for use on Windows, but can be installed and used under LINUX. It ignores any configuation or "knownhosts" settings stored in "$HOME/.ssh/". It's own configuration is saved to "$HOME/.config/putty/". ------------------------------------------------------------------------------- Putty using authentication Keys (no password) http://the.earth.li/~sgtatham/putty/0.60/htmldoc/Chapter8.html#pubkey http://www.ornl.teragrid.org/guides/puttygen.html ------------------------------------------------------------------------------- X Windows on PC Window Machines Using "Xwin-32" X emulator with the SSH client "Putty" Run "Putty", BUT BEFORE you log into the UNIX machine, look at the preferences and in particular "Security" and "Tunnelling". Look for a checkbox marked 'X11 forwarding' or 'X Window Tunneling' and enable it. Complete the rest of the setup for connecting to the remote UNIX machine, and then SAVE IT as a session configuration. This will allow you to just pick this connection again, and automatically have the "X11 Forwarding" enabled. Now that you have enabled X windows, and save it, log into the UNIX machine. Once you are logged into the unix server, check that you have a X window connection by typing... echo $DISPLAY If successfull you will see something like localhost:10.0 You don't have to do the every time, just at this point, and if you have problems at a future date. Now all you have to use an X window program, is start the "Xwin-32". This should be configured to use "Multiple Client windows", and NOT a "single window". Also under "Security" enable access from "localhost", as that is where the emulator will see the connection comming from. Test this with... xlogo After a moment a graphical window with a colorful stylish X should appear, or you get an error messge in yoru terminal window. To get rid of the X, go to the terminal window and type CTRL-C (hold down the 'CTRL' key then press 'C' at the same time. You can now run any graphical X window program you like on the UNIX machine. Just login with "Putty" then when you want to run a X window program launch "XWin-32" and run the program. ------------------------------------------------------------------------------- Port Forwarding... http://realprogrammers.com/how_to/set_up_an_ssh_tunnel_with_putty.html or https://www.skyverge.com/blog/how-to-set-up-an-ssh-tunnel-with-putty/ Example is for forwarding port 3306 (mysql) from local to remove mysql server via ssh... Create a session in PuTTY. select the Tunnels tab in the SSH section. Source port box enter "3306". This is the port on yur machine you would connect to. Destination field below it "127.0.0.1:3306" Means forward the connection to port 3306, on the destination machine Save the session! Dual hopping (going thru multiple intervening machines) https://serverfault.com/questions/340865/ ------------------------------------------------------------------------------- Double SSH jumping (non-proxy - bastion servers) First connection to just the 'bastion' box, with multiplexing. This way you only need authenticate (type passwd/OTP etc) once to that server, and later connects reuse any previously openes connection to the server. Start Putty Session Hostname: {s-number}@bastion.example.com Session: "Bastion" Connection -> SSH (no sub-section) Enable - 'Share SSH Connections' Session Save "Bastion" Session You can now start as many "Bastion" sessions as you want by starting Putty and then double-clicking "Bastion" form the sessions box. You will not need a password/OTP for second or later connections. You may also like to set other things for this default "Bastion" session now. For example: font, font-size, terminal size, terminal colors. --- From a Bastion window you To jump to another account. For example type: ssh appl@na-prd-myapp --- Set up a session for "MyApp". Basically we get putty to type the "ssh" command for you on the bastion server. Start Putty Session Load "Bastion" -- This is IMPORTANT, copy it's settings. Change session name to "MyApp" Connection -> SSH (no sub-section) Leave 'Share SSH Connections if possible' Enabled Remote Command: ssh appl@na-prd-myapp Session Save the new "MyApp" Session Now when you double click "MyApp" you will go there direct! Bastion will only ask for password/OTP if no putty connection has been opened through bastion yet. Do NOT use "SSH proxy" with bastions, as this bypass the 'SSH principles' setup on the bastion servers. -------------------------------------------------------------------------------