Here is also an interesting video regarding jump servers: https://www.youtube.com/watch?v=KIeBC7NIzj4
Michael http://www.mksolutions.info > Am 18.08.2023 um 17:44 schrieb Michael Keuter <li...@mksolutions.info>: > > Nice video, very interesting. > > BTW: on macOS you can install Proxychain via Homebrew with: > > brew install proxychains-ng > > and call it with "proxychain4 firefox". > >> Am 18.08.2023 um 17:02 schrieb Lonnie Abelbeck <li...@lonnie.abelbeck.com>: >> >> Hi Michael, >> >> I don't have any personal experience to share, but Tom Lawrence has a >> related video [1] >> >> Youtube: SSH Jump Server Access and How To Pivot Using OpenVPN & Proxychains >> >> I suspect this could all be done with SSH+SOCKS (Proxychains) and no OpenVPN >> tunnel as his example does. >> >> Key takeaways are to encrypt the Jump Server's drive (and backup), keep it >> local and secure from the internet, limit remote AstLinux SSH access via its >> firewall and Jump Server ssh key. >> >> >> Alternatively, some sort of automation to keep the remote AstLinux SSH keys >> updated from one hardened location. >> >> Lonnie >> >> [1] https://www.youtube.com/watch?v=jqudlmfG0zA >> >> >> >>> On Aug 18, 2023, at 2:17 AM, Michael Knill >>> <michael.kn...@ipcsolutions.com.au> wrote: >>> >>> Hi All >>> >>> Here is the issue: >>> We access devices behind Astlinux currently using SSH Tunnelling and SOCKS. >>> It works well however it is becoming increasingly difficult in managing >>> local authentication to do this such as using SSH Keys. >>> We are going to be bringing on additional staff and I don’t want to have to >>> go into every system to add credentials or keys every time we bring on a >>> new staffmember. >>> >>> Just wondering if there are any options for external authentication of SSH >>> rather than local on Astlinux e.g. using RADIUS >>> Could there be any other options e.g. HTTPS proxy? >>> >>> Regards >>> >>> Michael Knill >>> Managing Director _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
