Multi-hop access facilitates connecting to target devices in applications that do not have interactive prompts. You can use this method to connect directly to the target, skipping the manual selection step in the Segura® Terminal Proxy.
Requirements
- An SSH client (command prompt or terminal) installed on your workstation.
- Access user for the Segura® Platform.
Connection Formats with Segura® SaaS
Use the standards below according to the desired authentication type. For the SaaS environment, it is necessary to specify port 4022.
Standard connection:
ssh -p 4022 segura_user[credential@target_device]%saas_tenant@segura_instance
Connection using SSH key:
ssh -p 4022 segura_user[key\credential@target_device]%saas_tenant@segura_instance
Connection with domain credential:
ssh -p 4022 segura_user[domain\credential@target_device]%saas_tenant@segura_instance
Connection with MFA (TOTP):
ssh -p 4022 segura_user[credential@target_device]mfa_token%saas_tenant@segura_instance
Command Parameters
| Item | Description |
|---|---|
| segura_user | Username to access the Segura® Platform. |
| segura_instance | Access URL of your Segura® environment provided. |
| saas_tenant | Identifier name of your tenant (ex: corporation_tenant). |
| credential | Credential username that will be used for access to the target. |
| target_device or IP | Hostname or IP address of the destination device. |
| domain | Name of the domain associated with the device or credential. |
| mfa_token | Six-digit code generated by your MFA Token. |
If your Segura® Platform user's password has expired, the terminal will display a message requesting the change through the web interface before allowing the connection via Multi-hop.
Protocol Selection via Multi-hop
If the target device has more than one registered connectivity (ex: SSH and Telnet) and you do not specify the protocol in the string, Segura® Platform will display the choice screen.
- Open the terminal and enter the access details:
ssh segura_user[credential@target_device]@segura_instance - On the Segura® Terminal Proxy screen, choose the desired option:
- 1: SSH (port 22).
- 2: Telnet (port 23).
- Press Enter.
- Type the destination command again as requested by the prompt.
Automatic Connection
To avoid the selection screen and connect automatically, specify the protocol and port within the braces {}:
ssh segura_user[credential@target_device{ssh.22}]@segura_instance
Use of escape characters: Depending on your terminal, it may be necessary to use quotes or backslashes to protect special characters like [ or %.