Skip to content
Tools to configure and use a ssh proxy server
Shell
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
bin
build-utils Merge branch 'issue-30-sshgate_editor' Feb 16, 2012
data
lib @ 2b4b274
tests ./test.sh all works too Aug 8, 2011
.gitmodules
COPYING
README
VERSION - add VERSION file Feb 16, 2012
build.sh

README

== Welcome to sshGate server ==

sshGate is a tool which helps to configure an OpenSSH server in order to have
a SSH proxy. sshGate uses the double SSH method to be able to connect to
a target host. In fact, sshGate has private ssh-keys of target hosts, makes
ACL checks and can log what users do on a given target host.

                        /-------> target host N
                       /-------->     . . .
         user ----> sshGate ----> target host 1
                      |-> ACL
                      |-> targets private sshkeys
                      |-> users public sshkeys

sshGate is under GPLv2 license.

Server project is located at http://github.com/Tauop/sshGate
Client project is located at http://github.com/Tauop/sshGate-client
ScriptHelper project is located at http://github.com/Tauop/ScriptHelper


== Install & Upgrade ==

If you crab the source for github.com, you need to build a sshGate-server tarball.
For more information : https://github.com/Tauop/sshGate/wiki/BuildPackages

Just run the ./install.sh script and answer to questions.
It you make a upgrade, the installed configuration can be re-used, and
data migration can be performed.

For more information : https://github.com/Tauop/sshGate/wiki/ServerInstallation

== Documentation == 

The project documentation is available on the github wiki at http://github.com/Tauop/sshGate/wiki


== Configuration ==

After installation, sshGate configuration can be changed through the sshgate-configure script,
or you can change settings values in the /etc/sshgate.conf files. This configuration file sets
main settings, and can override internal settings too.

Main settings :
- SSHGATE_VERSION : version of sshGate (do not edit)
- SSHGATE_BUILD : the build number of sshGate (internal use - do not edit)
- SSHGATE_DIRECTORY : root directory of sshGate program
- SCRIPT_HELPER_DIRECTORY : ScriptHelper dependance directory
- SSHGATE_GATE_ACCOUNT : the unix account used by sshGate
- SSHGATE_ALLOW_REMOTE_COMMAND : Do we allow remote command like "sshg 'cmd list targets'" ? default: Y
- SSHGATE_USE_REMOTE_ADMIN_CLI : Do we allow remote administration CLI ? default: Y
- SSHGATE_USERS_MUST_ACCEPT_TOS : Do users have to accept TOS at the first connection ? default: Y
- SSHGATE_EDITOR : editor program to use by sshGate. default: ${EDITOR}
- SSHGATE_TARGETS_SCP_PATH : default SCP path when it's not specified. default: ~/
- SSHGATE_TARGET_DEFAULT_SSH_LOGIN : default ssh login to use when connecting to target host. default: root
- SSHGATE_DEFAULT_LANGUAGE : The default language of sshGate users
- SSHGATE_MAIL_SEND : Is sshGate mail notification activated ? default: N
- SSHGATE_MAIL_TO : mail to this mail adresse if [SSHGATE_MAIL_SEND] is 'Y'
- SSHGATE_MAIL_SUBJECT : E-mail subject to use

other settings which can be override in /etc/sshgate.conf
- SSHGATE_DIR_DATA : sshGate data root directory
- SSHGATE_DIR_TEMPLATES : Directory containing multi-language templates
- SSHGATE_DIR_BIN : binaries of sshGate. default = [SSHGATE_DIRECTORY]/bin
- SSHGATE_DIR_CORE : all sshGate 'func' and 'core' files (internal sshGate library)
- SSHGATE_DIR_TEST : sshGate test files
- SSHGATE_DIR_USERS : users data (ssh keys and properties)
- SSHGATE_DIR_TARGETS : targets data (ssh keys, properties, access, logins, ...)
- SSHGATE_DIR_USERS_GROUPS : usergroups data
- SSHGATE_DIR_LOGS : logs root directory
- SSHGATE_DIR_LOGS_TARGETS : targets logs directory
- SSHGATE_DIR_LOGS_USERS : users logs directory
- SSHGATE_DIR_ARCHIVE : logs archives directory
- SSHGATE_TARGET_PRIVATE_SSHKEY_FILENAME : filename of the target private ssh key
- SSHGATE_TARGET_PUBLIC_SSHKEY_FILENAME : filename of the target public ssh key
- SSHGATE_TARGET_DEFAULT_PRIVATE_SSHKEY_FILE : path to the default target private ssh key file
- SSHGATE_TARGET_DEFAULT_PUBLIC_SSHKEY_FILE : path to the default target public ssh key file
- SSHGATE_TARGETS_USER_ACCESS_FILENAME : name of the target users access file
- SSHGATE_TARGETS_USERGROUP_ACCESS_FILENAME : name of the target usergroup access file
- SSHGATE_TARGETS_SSH_CONFIG_FILENAME : name of the target ssh configuration file
- SSHGATE_TARGETS_SSH_LOGINS_FILENAME : name of the target ssh login list file
- SSHGATE_LOGS_CURRENT_SESSION_FILE : path to the current session log file
- SSHGATE_TOS_FILENAME : name of the file containing TOS
You can’t perform that action at this time.