SSH gateway and filezilla

Postby berzas » 2017-06-30 00:51

Hi all,

We have a bunch of websites on LXD containers behind Debian HAproxy container 1.7.5-2 (from backports). We were trying to made ssh work trough the reverse proxy but no way:

Code: Select all
frontend SSH_frontend
        bind *:7822
        mode tcp
        default_backend SSH-backend

Code: Select all
backend SSH-backend
        mode tcp
        option tcplog

Code: Select all
acl 01-vps req.hdr(host) -i 01
        acl 02-vps req.hdr(host) -i 02.vps
        acl 03-vps req.hdr(host) -i
        acl 04-vps ssl_fc_sni_reg 04.vps

        use-server vps01 if 01-vps
        use-server vps02 if 02-vps
        use-server vps03 if 03-vps
        use-server vps04 if 04-vps

after many tries we realized that probably is not possible to use ssh this way.

Then we are trying for so long to figure out how to set up an SSH gateway or bastion in a transparent way, in a sense that would be easy for common users to connect via Filezilla to the server. We most have Gnu/Linux users then Putty is not an option

We configured an SSH gateway and we could connect to servers this way:

Code: Select all
ssh -tt -A -p 2222 user@gateway_ip ssh user@container_ip

But this is not reliable to connect trough Filezilla. Also we saw there are netcat and proxycommnad options but not good for dummies.

Do you have any suggestions to accomplish that?
