The following steps provide instructions for establishing SSH connections with servers that are listening on a non-standard port (the Inband destination selection > Targets > Port option is not 22), and the port number targeted by the clients is also a non-standard port (the To > Port option of the Connection Policy).
Enter the following in PuTTY:
In the Host Name field, enter the username on the target server, the target server's hostname (or IP address) and port number, and the hostname (or IP address) of One Identity Safeguard for Privileged Sessions (SPS) in the <username>@<server>:<port>@<scb> format
In the Port field, enter the port number of the SPS server
Assuming the following values:
The username is training1
The target server is 192.168.60.100
The target server is listening on port 2121
The SPS server is scb
The SPS server is listening on port 4444
You can enter the following destination hostname in PuTTY:
training1@192.168.60.100:2121@scb
Also change the destination port to the SPS server's port number:
4444
Figure 271: Configuring SSH inband destination for nonstandard ports in PuTTY
Alternative approach:
Enter only the hostname (or IP address, depending on your configuration) and port number of SPS in PuTTY.
At the login prompt, provide the username on the target server, and the target server's hostname (or IP address) and port number using the <username>@<server>:<port> format.
The following steps provide instructions for establishing SSH connections with servers that are listening on a non-standard port (the Inband destination selection > Targets > Port option is not 22), and the port number targeted by the clients is also a non-standard port (the To > Port option of the Connection Policy).
Enter the following command:
# ssh -p <scb_port> <username>@<server>:<port>@<scb>
...where <scb_port> is the port number of One Identity Safeguard for Privileged Sessions (SPS), <username> is the username on the target server, <server:port> is the target server's hostname (or IP address), <port> is the target server's port number, and <scb> is the hostname (or IP address) of SPS.
Assuming the following values:
The username is training1
The target server is 192.168.60.100
The target server is listening on port 2121
The SPS server is scb
The SPS server is listening on port 4444
You can enter the following command:
# ssh -p 4444 training1@192.168.60.100:2121@scb
Alternative approach:
Enter only the hostname (or IP address, depending on your configuration) and port number of SPS with the following command:
# ssh -p <scb_port> <scb>
At the login prompt, provide the username on the target server, and the target server's hostname (or IP address) and port number using the <username>@<server>:<port> format.
SPS can authenticate users attempting to establish an SSH connection against a gateway (see Configuring gateway authentication for more details). You can provide the gateway login credentials in PuTTY:
Enter the gateway username, the username on the target server, the target server's hostname (or IP address), and the hostname (or IP address) of One Identity Safeguard for Privileged Sessions (SPS) in the gu=<gatewayusername>@<username>@<server>@<scb> format in PuTTY
Assuming the following values:
The gateway username is training1
The username on the target server is root
The target server is 192.168.60.100
The SPS server is scb
You can enter the following destination in PuTTY:
gu=training1@root@192.168.60.100@scb
Figure 272: Configuring SSH inband destination and gateway authentication in PuTTY
Alternative approach:
Enter only the hostname (or IP address, depending on your configuration) of SPS in PuTTY.
At the login prompt, provide the username on the target server, and the target server's hostname (or IP address) using the <username>@<server> format.
When prompted, provide the gateway username.
One Identity Safeguard for Privileged Sessions (SPS) can authenticate users attempting to establish an SSH connection against a gateway (see Configuring gateway authentication for more details). The following steps explain how you can provide the gateway login credentials:
Enter the following command:
# ssh gu=<gatewayusername>@<username>@<server>@<scb>
...where <gatewayusername> is the gateway username, <username> is the username on the target server, <server> is the target server's hostname (or IP address), and <scb> is the hostname (or IP address) of SPS.
Assuming the following values:
The gateway username is training1
The username on the target server is root
The target server is 192.168.60.100
The SPS server is scb
You can enter the following command:
# ssh gu=training1@root@192.168.60.100@scb
Alternative approach:
Enter only the hostname (or IP address, depending on your configuration) of SPS with the following command:
# ssh <scb>
At the login prompt, provide the username on the target server, and the target server's hostname (or IP address) using the <username>@<server> format.
When prompted, provide the gateway username.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center