An SSH Proxy Jump Host is available for users to connect to servers via SSH from off campus networks. The Proxy Jump server acts like a secure bastion and will require you to use your BlueKey ID, password and MFA. You will be prompted to enter your Entra ID Password (BlueKey Password) and validate your login with MFA (a request will then be sent to your default MFA option).
The proxy jump command is supported by many OpenSSH based clients, which includes the standard command line ssh clients on Linux, macOS, and Windows. To use the proxy you will need to pass the -J flag to tell your client to use a jump server, you then specify your BlueKey username and remote server username in your SSH command. An example looks like this:
ssh -J bluekey_username@sshjump.depaul.edu remote_server_username@target_server.depaul.edu
Generally, your BlueKey username will be the same user account used for many DePaul services, such as BlueMail or D2L. The "remote server username" is the specific username assigned to you for login to the remote server. These accounts may be the same or may be different depending on the remote server you are logging in to. Specific examples for common operating systems are shown below and assume that you are using Push Notification with the Microsoft Authenticator for MFA. Note, the FileZilla and Cyberduck file transfer clients currently do not support proxy jump with MFA and are therefore not compatible when used to connect from an off campus network. If you require the use of these clients they can be accessed from the campus virtual lab.
Key-based Authentication is also supported through the proxy jumphost service in addition to password-based authentication. Key-based authentication brings increased security by providing cryptographic strength that even extremely long passwords can not offer. If you are planning to use an SSH key pair for authentication to a DePaul server please head to keymgmt.sshjump.depaul.edu to upload your public key. Instructions on how to upload your public SSH key to your BlueKey Account are located here.