How to Set Up Nginx Proxy for a Windows Jump Host to Linux Servers
Using Nginx proxy, you can configure your Windows machine to act as a jump host for Linux servers, enabling secure SSH traffic forwarding. This guide walks you through the steps to make this setup secure and efficient.
Step 1: Install and Configure Nginx on Windows
To begin, you need to have Nginx installed on your Windows machine. If not yet installed, download and extract the latest version from the official Nginx website. After installation, configure Nginx to forward SSH traffic from Windows to Linux servers.
- Stop the Nginx Service
In your command line interface (CLI), stop the Nginx service:./nginx.exe -s stop - Edit the Nginx Configuration File
Open the Nginx configuration file and add the following configuration to forward SSH traffic:stream { server { listen 192.168.0.23:2222; proxy_pass 192.168.0.106:22; } }Here:- 192.168.0.23 is the Windows jump host IP.
- 192.168.0.106 is the Linux server’s IP.
- Port 2222 is used for SSH forwarding.
Step 2: Finalize the Nginx Configuration
Once the SSH forwarding configuration is added, your full Nginx configuration should look like this:
stream {
server {
listen 192.168.0.23:2222;
proxy_pass 192.168.0.106:22;
}
}
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 8080 ssl;
server_name 192.168.0.23;
ssl_certificate C:\SSL\certificate.crt;
ssl_certificate_key C:\SSL\privatekey.key;
location /service_name {
proxy_pass http://192.168.0.48:5985/wsman;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;
}
}
}
After saving your changes, restart Nginx:
./nginx.exe
Step 3: Set Up the Ansible Inventory File
Next, update your Ansible inventory file to connect to the Linux server via the Windows jump host.
- Edit the Ansible Inventory File
Open the Ansible inventory file (e.g.,/etc/ansible/workspace/myhosts1) and configure it as follows:[test] 192.168.0.106 [test:vars] ansible_ssh_user=root ansible_ssh_pass=zippyops ansible_ssh_extra_args="-R 2222:192.168.0.23:2222"This configuration tells Ansible to forward traffic through the Windows jump host at 192.168.0.23 and port 2222. - Test the Connection
Once configured, test the connection by running:ansible all -m pingIf configured correctly, Ansible will ping the target Linux server through the Windows jump host.
Why Use a Jump Host for Linux Server Access?
A jump host acts as an intermediary that secures connections between your local system and a remote Linux server. By using a Windows machine as a jump host, you enhance security by reducing exposure and simplifying access management.
For businesses looking to optimize operations and enhance security, ZippyOPS offers expert consulting and managed services in areas such as DevOps, Cloud, Automated Ops, and more. ZippyOPS helps organizations implement robust solutions for efficient management of infrastructure, data, and security.
For example, ZippyOPS specializes in DevSecOps, AIOps, MLOps, and Microservices solutions, enabling businesses to drive automation and optimize their IT environments. Explore our services and products.
Conclusion
Using Nginx proxy to set up a Windows machine as a jump host for Linux servers allows you to securely forward SSH traffic, improving access management and security. For businesses seeking advanced infrastructure management, ZippyOPS offers a range of solutions to enhance operational efficiency. Contact us today at sales@zippyops.com for professional services tailored to your needs.
