Documentation
Native SSH Client
Connect to remote Linux and Unix servers through the GAccess Gateway using your preferred SSH client
Native SSH Client Connection
GAccess allows you to connect to remote servers using your preferred SSH client — such as OpenSSH, PuTTY, or any other standard SSH tool. The GAccess Gateway acts as a transparent proxy: it authenticates you, retrieves the target credentials from the vault, and establishes the connection on your behalf. You never need to know the target password or private key.
Gateway Address and Port
All native SSH connections go through the GAccess Gateway. Contact your administrator for the gateway hostname or IP address. The SSH proxy listens on port 2222 by default, though your organization may use a different port.
Username Format
Because the gateway proxies your connection to a target server, it needs to know both your GAccess identity and the destination. You provide all of this in the username field using the following format:
gaccess_username@domain@target_username@target_hostname| Part | Description |
|---|---|
gaccess_username |
Your GAccess login username |
domain |
Your organization's domain (e.g. acme.com) |
target_username |
The account on the target server to connect as |
target_hostname |
The hostname or IP address of the target server |
Password
When prompted for a password, enter your GAccess account password. The gateway authenticates you, retrieves the target credential from the vault, and connects you to the remote server transparently.
Local users with MFA: append | followed by your OTP to your password (e.g. MyPassword|482931).
Entra ID Federated users: use the temporary credential token provided in the GAccess connection dialog instead of your password.
See Overview for full details on MFA and federated authentication.
Connecting with OpenSSH
ssh -p 2222 john@acme.com@root@10.0.1.50 -h gateway.yourcompany.comConnecting with PuTTY
| Field | Value |
|---|---|
| Host Name | gateway.yourcompany.com |
| Port | 2222 |
| Username | john@acme.com@root@10.0.1.50 |
Enter your GAccess password when prompted.
File Transfer with SFTP
GAccess supports SFTP over the same gateway, allowing you to transfer files using any SFTP-compatible client such as WinSCP, FileZilla, or the sftp command-line tool. Use the same username format and gateway address.
Example — sftp command:
sftp -P 2222 john@acme.com@root@10.0.1.50@gateway.yourcompany.comExample — WinSCP / FileZilla:
| Field | Value |
|---|---|
| Protocol | SFTP |
| Host | gateway.yourcompany.com |
| Port | 2222 |
| Username | john@acme.com@root@10.0.1.50 |
| Password | Your GAccess account password |
How Administrator Configuration Affects Your Connection
The available capabilities during your session depend on how your administrator has configured the target and your permissions:
- File transfer — SFTP and SCP may be disabled for a given target by session policy.
- Session recording — your session may be recorded for audit purposes. A notice will appear in your terminal at the start of the session if recording is active.
- Session timeout — a maximum session duration may be enforced. The session will close automatically when the limit is reached.
- Credential access — you can only connect to targets you have been explicitly granted access to. Unauthorized connection attempts will fail at the authentication stage.
If you are unable to connect or a feature is unavailable, contact your administrator to verify your permissions and the target's session policy.