What is an SSH gateway server?

An SSH gateway server is a server you log in to via SSH in order to reach your other servers.

Why do you need an SSH gateway server?

Suppose you have at least a few servers and a few techs who administer them. You can set up an SSH gateway server that your techs log in to via SSH and from which they then log in to any of your other servers. You can set up SSH keys on the gateway for logging in to your other servers, so that your techs need only remember the login to the SSH gateway server. You can also improve the security of your servers by allowing SSH access only from the IP of your SSH gateway server. Creating a separate user account on the SSH gateway server for each tech makes the techs easier to manage.
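One way to audit the IP restriction described above on a backend server, as an added example that is not part of the original article. It assumes the restriction is enforced with the `from=` option in `authorized_keys` (a firewall rule is another way) and that the gateway's address is 192.0.2.10; the sample file is constructed.

```python
GATEWAY_IPS = {"192.0.2.10"}  # assumed gateway address (documentation range)
KEY_TYPES = ("ssh-", "ecdsa-sha2-", "sk-ssh-", "sk-ecdsa-")

# Constructed sample of a backend server's /root/.ssh/authorized_keys.
SAMPLE = '''\
# keys installed from the gateway
from="192.0.2.10",no-agent-forwarding ssh-ed25519 AAAAC3Nza...constructed1 gateway-key
ssh-rsa AAAAB3Nza...constructed2 old-laptop-key
from="192.0.2.10,203.0.113.*" ssh-ed25519 AAAAC3Nza...constructed3 tech-home
command="/usr/bin/uptime",from="192.0.2.10" ssh-ed25519 AAAAC3Nza...constructed4 monitor
'''

def split_unquoted(text, seps, maxsplit=-1):
    """Split text on any character in seps that is outside double quotes."""
    parts, cur, quoted = [], "", False
    for ch in text:
        if ch == '"':
            quoted = not quoted
        if ch in seps and not quoted and maxsplit != 0:
            parts.append(cur)
            cur = ""
            maxsplit -= 1
        else:
            cur += ch
    return parts + [cur]

def audit(text, gateway_ips=GATEWAY_IPS):
    """Return (line_no, reason) for every key usable from outside the gateway."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith(KEY_TYPES):  # key type comes first: no options at all
            findings.append((no, "no from= restriction"))
            continue
        options = split_unquoted(line, " \t", 1)[0]
        sources = None
        for opt in split_unquoted(options, ","):
            name, _, value = opt.partition("=")
            if name.lower() == "from":
                sources = set(value.strip('"').split(","))
        if sources is None:
            findings.append((no, "no from= restriction"))
        elif sources - gateway_ips:  # any pattern other than the gateway itself
            findings.append((no, "also allows " + ",".join(sorted(sources - gateway_ips))))
    return findings

if __name__ == "__main__":
    for line_no, reason in audit(SAMPLE):
        print(f"line {line_no}: {reason}")
```
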

Limitations of the above setup...

  • If the SSH gateway server gets hacked somehow or if a tech's user account on the SSH gateway server is compromised, the attacker gets root access to all your servers. If the attacker executes an "rm -rf /" in a loop for each of your servers, you can be down for hours or even days. And you can recover only if you have good offsite backups.
  • A tech can read the SSH private keys and run commands on the SSH gateway server that are not necessary.
  • Managing access to certain servers by certain techs is not easy. You may manage it by using different SSH keys for different user accounts, but then you have to add a new key on all your servers when you hire a new tech.
  • There is no way to track who did what on your servers.
  • You have to provide the techs with root passwords separately if they need to log in to WHM for administration purposes.

