Windows ziti edge putty sshd

How things work
1

I would like to load ziti tunnel on centos 7 and centos 5 (sorry i know its old). Then have the clients use windows ziti edge and putty/winscp to connect. The documents for ziti tunnel are to complex for me can you send a linux beginner’s level instructions. Or connect me with a service engagement. Thank you.

2

Hi tvanwhy,

A step by step instruction document is available on our support guide. please find the link for your reference https://support.netfoundry.io/hc/en-us/articles/360045177311-How-to-Install-run-the-Ziti-edge-tunnel-for-Linux

  1. Download latest Ziti Edge version : Release v0.19.0 · openziti/ziti-tunnel-sdk-c · GitHub
  2. Extract the Zip file and provide necessary permissions : chmod +x ./ziti-edge-tunnel
  3. Create the endpoint on MOP and download the .jwt file, keep the .jwt and ziti-edge-tunnel on same folder and use the following command to enroll the identity : ./ziti-edge-tunnel enroll --jwt myTunneler.jwt --identity myTunneler.json
  4. Run the command for transparent intercepting proxy : sudo ./ziti-edge-tunnel run --identity myTunneler.json

Replace mytunneler with the endpoint name that you created on MOP.

1 Like
3

Both Centos are production servers running a proprietary postgres database. Im concerned i could break the production environment after reading the DNS troubleshooting. Dyou have professional services or a subject matter expert i can hire?

Ty

4

Hi Tvanwhy,

Please share the following details Company Name, address, contact number, use case and requirements to our customer success customer.success@netfoundry.io. Our team will get in touch with you and will do the needful.

Thank you

5

@tvanwhy In case you only wish to provide SSH access to the CentOS hosts then you may use this run command to avoid configuring DNS and IP routes. That is, in case you do not need intercept at all on the CentOS hosts.

./ziti-edge-tunnel run-host --identity myTunneler.json
  1. run-host mode instead of run
  2. no DNS or IP routes are configured i.e. no transparent proxy for outgoing
  3. incoming to configured services works normally
  4. no root privilege is required, i.e. no sudo
6

@tvanwhy Will you let me know which documents you found first? Maybe I can simplify them.