[
https://issues.apache.org/jira/browse/GUACAMOLE-2192?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18046346#comment-18046346
]
Nick Couchman commented on GUACAMOLE-2192:
------------------------------------------
[~makarem] As I mentioned, already, in the mailing list, I do not believe this
is a Guacamole limitation, I believe that this is because SFTP channels on the
*_jump box_* do not allow for scripts to be run to redirect the SFTP traffic -
this requires the interactive login on a standard SSH channel. To reinforce
this, the documentation you provided for GCP does not mention anything about
allowing file transfers through the IAP mechanism, and the links it provides
for documentation on transferring files mention the Cloud Console and manually
managing SSH access by using an external (or internal, but accessible to your
system) IP address. In short, this is not a limitation of Guacamole, this is a
limitation of how the GCP IAP mechanism works.
As far as generally tunneling connections through a SSH-based jump box, this is
already covered under GUACAMOLE-312, and will be implemented when that is fully
implemented.
> Allow file transfer for ssh connections through gcp tunnel iap
> --------------------------------------------------------------
>
> Key: GUACAMOLE-2192
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-2192
> Project: Guacamole
> Issue Type: Improvement
> Components: SSH
> Reporter: makarem
> Priority: Minor
>
> Hello,
> We have a use case on which the ssh connection is done through a jumpbox:
> 1- In the network hostname field, we specify the ip address of an
> intermediate machine (the jumpbox) that acts as a proxy between the Guacamole
> server and the target machine. We have this configuration because the target
> machine have not public ip and the network flows are not allowed with
> guacamole server.
> 2-When user connect whith ssh to the jumpbox, this command line "gcloud
> compute ssh --zone "<target instance_zone>" "<instance name>"
> --tunnel-through-iap --project "<project id of the target isntance>" --quiet
> " is executed automatically to connect user from the jumpbox to the target
> machine with tunnel iap. Here is a the google documentation
> [https://docs.cloud.google.com/compute/docs/connect/ssh-using-iap]
> 3- In this specific use case, if we activate the sftp for file transfer, when
> user want to copy files from his local machine to the target remote machine,
> files are instead copied to the jumpbox.
> Is it possible to have an extension for guacamole that address this use case ?
> Thank you in advance
> Best regards
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
