SSHD stands for SSH Direct proxy in a product context. SSHD works as an additional component in the system, allowing users who require access to SSH protocol-based sessions without authenticating to the PAM portal. SSHD is a software component that is part of the default production installation. In SSHD Proxy, you can enter the #NO (serial no with #), and the system will auto-select the respective asset or account. This can help system administrators to use any SSH client to access target systems. The standard communication port is 22022, which can be enabled from the user's machine to the proxy server. The session/terminal size is equal, i.e., when the terminal client size is changed, the same gets reflected in other screens. The proxy can also be used in line with native token-based MFA. The default name of the proxy is SSHD. This section describes ways and methods to configure SSH Direct proxy.
Before you begin
You have already installed the Sectona Web Access. Refer to the Installation Section for more details.
Ensure the PAM server can communicate with the jump Server as per the communication requirement mentioned in Standard Port Requirement for Installation
Procedure to configure SSHD proxy in Sectona PAM installation
Navigate to System → Landing & Proxy Server.
Click on +Add New Proxy Server(s) and select SSHD Proxy from the drop-down menu.
Start the proxy service in our system.
Testing the SSHD proxy connections
To access any target server using the SSHD proxy or to test your configuration perform the below-recommended steps:
Open any terminal application, such as Putty.
Provide the IP Address or hostname of the Sectona instance
Provide the configured port number of the SSHD proxy of Sectona PAM.
Choose to select a connection as SSH if asked in your SSH client.
Once you login into Putty, provide the following details to access a particular asset using SSHD. The system retrieves the password securely if your username has required access.
Note: When you execute the clear command, the SSHD Proxy response and terminal client screen get cleared.
Login as: <Provide PAM authentication username> Password: <Provide passwords for selected username> Asset IPAddress@Account <Provide IP Address you want to access @ Account Name you wish to access>