PowerShell Server 2016
PowerShell Server 2016
Questions / Feedback?

Tunnels

The Tunnels tab holds the configuration for SSL and SSH Reverse Tunnel related settings. The information provided in the list is as follows:

  • Tunnel Name provides a friendly name for the tunnel.
  • Type indicates the type of tunnel. Plaintext, SSL, and SSH Reverse Tunnels are supported.
  • Listening Host indicates where the tunnel is listening.
  • Forwarding host indicates where the tunnel is directing its traffic.
  • SSH Server is the SSH server that PowerShell Server will connect to in order to establish the SSH Reverse Tunnel.
  • User is the username PowerShell Server will use to authenticate to the SSH server.
  • Status indicates whether the tunnel is Enabled or Disabled.
Clicking the Add... or Edit buttons will present a form that can be used to create a new tunnel, or edit an existing one, and clicking Delete will remove the selected tunnel.

Note that granular control for tunnels is available via the registry, where the reconnection logic, as well as other settings can be modified. These registry keys are documented on the SSL Tunnels and SSH Reverse Tunnels pages.

SSH Reverse Tunnels

SSH Reverse Tunnels provide a way to allow connections to network resources that would not typically be accessible. For example, a device behind a firewall that would not typically be accessible to the outside world, can be accessed through a SSH Reverse Tunnel. The client connects to the publicly accessible port on the SSH host and traffic is forwarded to the endpoint inside the network protected by the firewall.

In the above diagram, assume that PowerShell Server and the host identified by Server are on the same network, isolated from the Client. SSH Host is accessible by the Client. For the sake of clarity, assume that Port XXXX is 7777, but any open port may be used.

PowerShell Server connects to a SSH Host and requests that the incoming traffic on Port 7777 be forwarded back to PowerShell Server, which will then be directed to Server. Once this tunnel has been established, Client will then be able to connect to SSH Host on Port 7777 in order to communicate with Server.

When adding or editing a SSH Reverse Tunnel the following settings are available:

  • Enabled indicates whether the tunnel should be active or not.
  • Tunnel Name provides a friendly name for the tunnel.
  • Tunnel Type indicates the type of tunnel. Plaintext, SSL, and SSH Reverse Tunnels are supported.
  • Remote SSH Host is the SSH server that PowerShell Server will connect to in order to establish the SSH Reverse Tunnel.
  • Remote SSH Port is the port on which communication with the SSH server will take place. Most servers use port 22, which is the default value.
  • AuthMode is the type of authentication that will be attempted when logging in to the server. Password and Public Key authentication are supported.
  • Username is the username PowerShell Server will use to authenticate to the SSH server.
  • Password is the password PowerShell Server will use to authenticate to SSH server when using Password authentication.
  • SSH Client Key is the certificate PowerShell Server will use to authenticate to the SSH server during Public Key authentication.
  • Server Fingerprint indicates the SSH host key fingerprint of the server. This value is read-only and purely informational.
  • Listening Port indicates the port on which the SSH server will listen for the tunneled traffic.
  • Forwarding Host is the host where the tunneled traffic will be forwarded.
  • Forwarding Port is the port to which the tunneled traffic will be forwarded.

Once the necessary information has been entered, the Test SSH Connection button may be used to test the connection to the SSH server in order to verify the validity of the information provided.

SSL Tunnels

SSL Tunnels provide a way to allow secure connections to resources that would otherwise only be available through plaintext. For example, a web server that only supports plaintext connections can be secured by connecting through an SSL Tunnel.

When adding or editing a SSL Tunnel the following settings are available:

  • Enabled indicates whether the tunnel should be active or not.
  • Tunnel Name provides a friendly name for the tunnel.
  • Tunnel Type indicates the type of tunnel. Plaintext, SSL, and SSH Reverse Tunnels are supported.
  • Secure Server (SSL) determines if the tunnel will be secured by SSL, or simply a plaintext tunnel.
  • Certificate is the certificate with private key used when hosting the server side of the connection.
  • Listening Port indicates the port on which the SSH server will listen for the tunneled traffic.
  • Forwarding Host is the host where the tunneled traffic will be forwarded.
  • Forwarding Port is the port to which the tunneled traffic will be forwarded.

 
 
Copyright (c) 2017 /n software inc. - All rights reserved.
PowerShell Server 2016 - Version 16.0 [Build 6240]