Background
Royal Server Secure Gateway is using SSH Tunneling internally to tunnel connections to servers.
The general use case for Secure Gateway Connections is by using Royal TS/X connections (supported types are Remote Desktop Connections, VNC, SSH and Telnet Connections). But you can also use a standard SSH client to tunnel through Royal Server - no Royal TS/X clients are needed.
Prerequisites
To make this work, please disable the setting “Only allow Royal TS/X as client” in the “Security Configuration” in the “Secure Gateway” section in the Royal Server Configuration Tool.
Using SSH to tunnel through Royal Server
In order to use Royal Server as a Jump Host for a standards-based SSH connection issue the following command:
ssh -J rs-secure-gateway-user@<royal-server-host> destination-host-user@<destination-host>
Now, you first have to enter the password for authenticating with Royal Server and then the password for authenticating with the destination host.
As usually, the “rs-secure-gateway-user” needs to be in the local group “Royal Server Gateway Users”. If you are using a user account that is not member of this group, you will find the following log entry:
PreAuthentication rejected: Could not find Windows user account for demoadmin777 in RoyalServer.SecureGateway.SecureGatewayService {}
Using for debugging purposes
If you are using this way to tunnel through Royal Server for debugging purposes, please specify also verbose logging into a file:
ssh -v -J rs-secure-gateway-user@<royal-server-host> destination-host-user@<destination-host> 2>sshlog.txt
By using the -v switch and redirecting the output to sshlog.txt you get detailed logging from SSH.