Do you need to connect through a jump host / SSH gateway server to reach another host behind that server?
First, watch this video about SecureCRT's Dependent Sessions (Jump Host) feature.
If the SSH2 server on your jump host does not support port forwarding, then you can use the techniques described below to help you get connected to secondary host.
Here is the general initial setup pattern:
Although it's not a security best practice, many individuals—for the sake of convenience—insist on being able to store username and password as part of the session configuration. If you're inclined to save credentials for the jump host, do so by saving them in the Session Options's SSH2 category for your jump host session as shown here:
The username and password stored as shown above are used to authenticate to the jump host. Later on, this tip will address where to store credentials (if you decide to do this) for authenticating to the secondary host.
Make a note of the last few characters of your shell prompt. In this case, I'd use the last two right-most characters of the shell prompt "] ".
Note that this example includes the trailing space character, since the blinking cursor is one space/column away from the closing ] in the jump host shell prompt. When you connect to your jump host, if the shell prompt shows the cursor blinking immediately next to the last character of the shell prompt, then you should not include a trailing space.
This information is needed later on when driving the automated process of connecting to the secondary host.
Once your initial setup is complete, and you have a session that gets you connected to the jump host and automatically runs the remote ssh command to get you to the remote host, you get to leverage the work you've just accomplished.
To create sessions for other hosts behind this same jumphost/gateway:
SecureCRT allows you to edit the properties of multiple sessions at once. See the Making Configuration Changes to Multiple Sessions tip.
When editing multiple sessions in bulk, the properties of the first session are shown in the Session Options window.
When editing the Logon Actions portion of multiple sessions at once using this mechanism, the following is possible:
IFF (IF and only iF):
Then that same value, if present in the other sessions, will also be changed without affecting the values of the other Logon Action rows.
- All of the sessions have the exact same number of Expect/Send rows, and
- You modify exactly one (and only one) value from either the Expect or the Send field and
- You are running SecureCRT 7.3 or newer (earlier versions of SecureCRT did not support this surgical logon actions modification capability)
WARNING: In every other scenario (e.g. if you're running a version of SecureCRT pre 7.3, or if you change more than one token element of the Logon Actions field), the result will be that all of the sessions being edited will have their Logon Actions' rows (Expect/Send fields and all) set to match every component of the first session's Logon Actions (the one that is visible as you're editing Session Options - Multiple)
This means that if you have a password saved in a Send field, and that password is present in the Send fields of other sessions currently being edited, changing only that password field will result in that password being updated in all of the sessions, without any of the other Expect or Send field values being modified/lost.
This graphic represents the concept of "n" sessions being edited in bulk, and the ssh user@… portion of the Logon Actions (the Send field in row 1 of each session) has a unique host name different for each session.
The idea is to modify only one Expect or Send field in one row and nothing else. If this singular edit approach is what you do when editing sessions in bulk, then all of the sessions will be modified such that whatever Send or Expect value you changed will have that same old value updated to the new value, and the remaining Logon Action rows and their Send/Expect fields will remain as-is.
With the bulk-editing capability described above, if the password for these hosts ever changes, you would:
Note: As a point of caution, in the event that you're unsure of how this works, and in case you inadvertently modify two fields instead of one, it is advised that you consider adopting the habit of performing a Tools / Export Settings… backup operation prior to attempting such a change so that you can restore your Logon Actions if the bulk edit operation gets botched in error.
Here you can control cookies using the checkboxes below. Some cookies are essential for the use of our website and cannot be disabled. Others provide a convenience to the user and, if disabled, may reduce the ease of use of our site. Finally, some cookies provide anonymous analytic tracking data that help us provide the user with a richer browsing experience. You can elect to disable these cookies as well.