Connect with WinSCP and Putty via Jump-In SSH host

Posted on by

Goal

A SCP Connection needs to be established, but a connection to a host with WinSCP is not possible, because no direct access is available. But a jump in SSH server is reachable from your PC and the jump in SSH server has access to the desired server.

Intro

There is a firewall or another restriction between your local PC and the machine you want to scp to. No direct connection can be established. For example you’re on the road and the file server’s SSH port  in your home or office is not accessible from the internet. But another machine at your site, which can access the file server is running SSH accessible from the internet.

Tools

This article is about connection from Windows using Putty [3] and WinSCP [2] to connect to a linux server running running OpenSSH. Also the jump in server has OpenSSH installed.

Establishing the port forwarding

First of all the port forwarding needs to be established. In the Putty Configuration window select “Connection” -> “SSH” -> “Tunnels”. In the dialog enter a port number in the “Source port” field. The port with this number will be opened on your local windows machine.  Of course the port has to be unused. The Putty documentation [1] recommends using a port number greater than 3000.  In the “Destination” field enter the file server’s IP address and port as seen from the SSH jump in server. Make sure that the “Local” radio button is selected. Make sure to use a colon between the IP address and the port number. Click the “Add” button to save the port forwarding.

Now change to the “Session” page and connect to the SSH jump in server. Log into the jump in server using your user name and password. To ensure, that the port forwarding was set up correctly, right click on the window frame and select “Event Log”. Near the bottom a line similar to

2011-03-03 14:24:28    Local port 3002 forwarding to 192.168.1.2:22

should appear.

Opening the scp connection

In the WinSCP window enter localhost into the host field and the port number you specified above into the port field. In the user name field the user name of the file server is needed and either in the same dialog or when asked during connection the corresponding password has to be entered.

Conclusion

The connection will be open until both the Putty session and the WinSCP connection are terminated.

Resources

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>