On Sun, Mar 1, 2020 at 4:03 PM DBakes <[email protected]> wrote: > Hello, > > Is it possible to specify SSH jump servers in Guacamole? e.g, I'd like to > connect to host X via host Y. I currently have various configurations such > as this by using a ssh .config file to specify the bastions\jump boxes to > traverse by using the ProxyCommand functionality. > > I'm using LDAP & Database authentication if that helps. > > Currently there is no way to directly do this within Guacamole, though it has been discussed and there is already a JIRA issue out there for it:
https://issues.apache.org/jira/browse/GUACAMOLE-312 No substantial work has been accomplish in this regard, yet, that I know of, but it is on the radar. That said, it may also be possible to accomplish what you're trying to do by using the guacd proxy attributes that are available today within the connections - that is, you could set up a guacd instance somewhere other than where the default instance is set up and then point a specific connection to that instance of guacd. This may not work in every situation - like if there's a firewall that only allows SSH traffic - but, if you have enough control over the network, it might help you out. Also, connections between Guacamole Client and guacd can been encrypted, so you can secure these in a way that allows you to operate them over untrusted networks (similar to SSH). -Nick
