Start a new topic

SSH-Agent for SecureGateway

Hello together,


many colleagues asked me, if it's possible to use an ssh-agent for secure-gateway authentification (e.g. Pageant). Now it look's like that didn't work..


Is it planned to implement a feature like this in further versions?


Greetings

Frank


3 people like this idea

Hi Frank,


there are no plans right now to include an ssh agent. Most of our users are storing the credentials in Royal TS documents. Can you provide some details why this is not an option for you or what the exact use case is?


Thank you,
Stefan

Hi Stefan,


on many jumpservers we have to use Pageant with an certificate located on a smartcard (2-factor authentification) to connect to them with SSH.

And this certificate we can't store in RoyalTS to use the secure-gateway-feature.


Greetings

Frank


3 people like this

Hi Stefan, Hi Frank,

I found your discussion here and have to say we have the same problem now.
I would be nice when this feature will be implemented in the near future.

Kind regards
Dominik


2 people like this

Hi!


Having the same issue here. I had high hopes for the Secure Gateway feature! Alas, it's of no use for me as the private key needed for jump host authentication resides on a smartcard that is only usable via pageant.


Cheers

 Alex

Plus one for this also.


We store our ssh keys on Yubikeys, having no way to extract the private key, using gpg-agent or pageant for our ssh connections.

Hi everyone!


Rebex, who is providing the components for terminal (SSH) and file transfer, is currently working on Pageant support. I'm not sure what exactly is covered and how it is working but as soon as they have something, we will see if and how we can integrate this into our product. Stay tuned.


Regards,
Stefan


2 people like this

 

Plus one for this also.

+1

I recently decided to try out ssh-agent forwarding and I'm surprised that I have to run a third party ssh agent outside of Royal TS, and also switch from Rebex terminal to PuTTY as Rebex doesn't support ssh-key agent forwarding.


Royal TS takes on control of my SSH keys as credential objects but does not allow a ssh connect to do agent forwarding with those same credentials.


I'd really like to see:

1. Royal TS become an ssh-agent for credentials defined for a connection

2. Rebex support ssh-agent forwarding


This will allow me to ssh into my jump host, and then ssh from there to my other servers without having to control and distribute my ssh-keys all over the place.  I don't actually mine running a third-party ssh-agent (I use Simon Tatham's Pagent) if the Royal TS default Terminal plug-in supported forwarding.


+1 same usecase


+1 same usecase


ssh-connections can use Pageant by enabling it in "Terminal application settings > Advanced > SSH Settings > Auth : Attempt Authentication using Pageant" using PuTTY plugin.


Secure Gateway entries still can't use a ssh-agent like Pageant.


The idea was already posted by Frank 6 years ago:

https://support.royalapps.com/support/discussions/topics/17000013008


How is the progress on that?

Hi!


The Rebex based Terminal gained SSH-Agent support a while back:

Since the Secure Gateway is using the same underlying SSH implementation we could bring that to the Secure Gateway as well.

Note that SSH Agent Forwarding is still not supported right now. Would anyone here be interested to test this?


2 people like this

Hi Stefan,

that sound's good :-)
Could I try this new feature?


Greetings

Frank

Login or Signup to post a comment