Feature to configure an SSH jumpbox [DONE]

markus
centeractive people
Posts: 16
Joined: 18 Jun 2012, 09:58
Contact:

Feature to configure an SSH jumpbox [DONE]

Postby markus » 20 Sep 2013, 18:16

Sometimes, only a certain server is directly accessible via ssh.
Then only once a ssh session is established on that server, from this running ssh session, the user can open a new ssh session to the actual log file server that is otherwise hidden.

Retrospective today allows only direct connections to an ssh server.
As frequently, companies use the pattern to allow ssh only to one server, and then the users must go from there to the actual destination servers.
This obviously increases the security and allows for central logging and control of accessing a collection of destination servers.

It would be helpful, to have in Retrospective a "jumpbox" functionality, that would allow Retrospective also to reach the hidden destination servers.

Would it be possible to "wrap" the Retrospective search/tail commands into another invocation of "ssh user@targetServer"?

Eventually, one could even want to configure a "chain" ssh reroutings, including credentials as user/password tupels or certificates.
Like this, Retrospective could access log files that are hidden behind even several ssh servers.

The topic here is similar to another feature request in this forum, that is asking to prepend a "sudo" to the actual command invocations.
I could even imagine to combine the "ssh redirect" with "sudo" commands, for a given target server host.
Eventually chaining up a series of sudo and redirect commands to provide ultimate flexibility and deal with even the most restrictive security regulations.

Sounds like fantasy, but sometimes the most crazy features turn out to be the chief differentiators that make people really want to use a tool...
urs.minder
centeractive people
Posts: 68
Joined: 06 Jun 2012, 16:45
Contact:

Re: Feature to configure an SSH jumpbox

Postby urs.minder » 28 Feb 2015, 11:28

markus wrote:It would be helpful, to have in Retrospective a "jumpbox" functionality, that would allow Retrospective also to reach the hidden destination servers.

Retrospective version 3.4.0 has just been and now lets you defining a jump server for any target host. You can even chain more than two hosts and access your target host through more than one jump servers.

Within the Host Manager, simply select a host from the drop-down list labeled “Jump server” located in the “Advanced connection options” section. When defining a host, any other hosts can be chosen as its jump server. Once you select a jump server, the “host chain” appears to the right of the drop-down list. It displays the chain of connected hosts that corresponds to the route used by Retrospective to reach your host.

Return to “Feature Requests”

Who is online

Users browsing this forum: No registered users and 1 guest