Xshell Knowledge Base

Multi-Hop Login Using Xshell

Last modified: Wednesday, May 4, 2016 1:06 AM

You may find yourself in a situation where you need to connect to your server only through the gateway server. There are several ways to accomplish this using Xshell.

OpenSSH's ProxyCommand Feature

Below is a sample of an OpenSSH configuration with the ProxyCommand setting:

+--------+       +----------+      +-----------+
| Source | <---> |  gw_svr  | <--> | dest_svr  |
+--------+       +----------+      +-----------+
In the above case, if your source machine is implemented with OpenSSH, you can simply use the following command:

$ ssh -o ProxyCommand='ssh user_of_gw_svr@gw_svr nc dest_svr 22' user_of_dest_svr@dest_svr

Or you can configure your personal ssh config file in your .ssh/config:

$ vi ~/.ssh/config

You'll need to append the following configuration:

Host myserver   # session name that can be any.
  HostName dest_svr  # the real host name that can be reached.
  User user_of_dest_svr
  Port 22
  ProxyCommand ssh user_of_gw_svr@gw_svr nc %h %p 

Then you can connect to your server using the following command:

$ ssh myserver

Login Scripts Feature of Xshell

You can also connect entirely using Xshell's sessions properties interface. The below outlines a simple case from session properties:

The expect string will differ, of course, depending on your situation.

SSH_PASSTHROUGH of Xshell's Proxy

Make a proxy configuration and select it in your session file.

The host listed under the Connection category must be your destination server.

Now you'll need to edit the startup script of your gw_svr (gateway server).

$ vi ~/.bash_profile

Depending on your preferred shell, your startup script may be .proilfe, .cshrc, etc. Insert the following scrip for jumping to the destination server:

$ vi ~/.bash_profile
if [ $XSHELL_PROTOCOL ]; then
echo "Jumping to $XSHELL_HOSTNAME..."

/usr/bin/expect -c "
log_user 0
if { \"$XSHELL_PROTOCOL\" == \"TELNET\" } {
expect -nocase \"assword:\"
if { \"$XSHELL_PASSWORD\" != \"\" } {
} else {
expect  {
-nocase \"assword:\" {
if { \"$XSHELL_PASSWORD\" != \"\" } {