SSH Client Setup
SSH Client Setup
SSH Client Setup
Create a profile to connect your devices according to their current location.
America Proxies
f4-ssh.iphmx.com
f5-ssh.iphmx.com
esa1.angelogordon.iphmx.com (Located at F4)
esa2.angelogordon.iphmx.com (Located at F5)
sma1.angelogordon.iphmx.com (Located at F4)
Place the information according to the Proxy you need to connect.
Click Data and add dh-user to the auto-login
Click SSH and check Don't start a shell or Comm...
Click Auth and Browse to your Private key.
Click Tunnels supply a Source Port, Destination (Your IronPort Appliance)
Click Add, and it should look like this.
Note: if you have more than one device in this location, you have to create different tunnels using not
always the same Source Port, a recommendation is assigning the next in the count for example
2201,2202,2203, ... and so on.
Click Session, you may supply a name, and Save the session. Go Ahead and Open the session to initiate
the local port forwarding proxy. If all goes well you will automatically be logged on to the proxy
server. You won't get a command prompt. You can save this session for future use.
Now you will need to open a new putty window without close the connection to the Proxy server. Use
the hostname 127.0.0.1 and use the source port number in the tunnel configuration
above. (2200) Click open to connect to your appliance. When prompted use your appliance username
and password.
Procedure to connect from a Mac OS and Linux OS.
Execute the following command to initiate a local port forwarding proxy on your workstation.
Syntax:
ssh -i <PrivateKey> -l dh-user -C -N -f <proxyIP> -L <localport>:<applianceIP>:22
<PrivateKey>
This is the path to your Private Key.
<proxyIP>
There are two US SSH proxies:
f4-ssh.iphmx.com (68.232.128.202)
f5-ssh.iphmx.com (68.232.134.202)
<localport>
You can use any port number between 1024 - 65535.
<applianceIP>
This is the hostname or ip address of you appliance.
Examples:
ssh -i ~/.ssh/yourPrivateKey -l dh-user -C -N -f f4-ssh.iphmx.com -L 2200:esa1.you.iphmx.com:22
Now, your workstation will be listening on localhost port 2200.
Finally issue the command...
ssh [email protected] -p 2200
If you get a message complaining about connecting to 127.0.0.1 for different (port forwarded) hosts try:
ssh -o 'UserKnownHostsFile /dev/null' -o 'StrictHostKeyChecking no' [email protected] -p 2200
The StrictHostKeyChecking and UserKnownHostsFile options are set to automatically accept and not
save the remote host key. These can also be set in the ~/.ssh/config file, to avoid re-typing every time.