Contact Us
Help Center Home > VaultOne > VaultOne: Configure SSH Direct Access Using Linux Terminal

VaultOne: Configure SSH Direct Access Using Linux Terminal

VaultOne's Direct Access feature allows you to connect to machines outside of your web browser using methods like RDP and SSH.

If you're working from a Linux computer, you can use the terminal to enable direct SSH access to devices managed within VaultOne.

Prerequisites:

  • A computer running Linux with terminal access.
  • A computer or server already configured for SSH connection within your VaultOne platform.

Configuring Linux Terminal

First, configure your Linux device by adding and registering the SSH script handler.

Adding the Script Handler

  1. Open your terminal and run the following commands.
  2. Create a new directory in your home directory: mkdir ~/vaultone-handler
  3. Go into the newly created directory: cd ~/vaultone-handler
  4. Create an executable file named vaultone-ssh-handler.sh: touch vaultone-ssh-handler.sh
  5. Open the file with your preferred text editor (for example, nano vaultone-ssh-handler.sh or vim vaultone-ssh-handler.sh).
  6. Paste the following script content into the file:

!/bin/bash
This script detects available terminals and opens an SSH connection.
URL=$1
Extract the SSH connection string (e.g., user@host) from the URL.
Assumes URL format like ssh://user@host[:port][/path]
SSH_TARGET=$(echo "$URL" | sed -n 's|^ssh://([^/]).|\1|p')
Detect and use preferred terminal
if command -v gnome-terminal &> /dev/null
then
gnome-terminal -- /bin/bash -c "ssh $SSH_TARGET; exec bash"
elif command -v konsole &> /dev/null
then
konsole -e "ssh $SSH_TARGET"
elif command -v xterm &> /dev/null
then
xterm -e "ssh $SSH_TARGET"
elif command -v alacritty &> /dev/null
then
alacritty -e ssh $SSH_TARGET
elif command -v terminator &> /dev/null
then
terminator -e "ssh $SSH_TARGET"
elif command -v urxvt &> /dev/null
then
urxvt -e ssh $SSH_TARGET
else
echo "No supported terminal found. Please open a terminal manually and run: ssh $SSH_TARGET"
fi

  1. Save and close the file.
  2. Make the script executable: chmod +x vaultone-ssh-handler.sh

Adding the SSH Protocol Handler Configuration

  1. Create a .desktop file for the SSH handler: touch ~/.local/share/applications/SSH-Handler.desktop
  2. Open this file with your text editor.
  3. Paste the following content into the file:

Important:

Remember to replace YOUR_USERNAME with your actual Linux username.

[Desktop Entry]
Name=SSH Handler
Comment=Handles
SSH links for VaultOne
Exec=/home/YOUR_USERNAME/vaultone-handler/vaultone-ssh-handler.sh %u
Terminal=false
Type=Application
MimeType=x-scheme-handler/ssh;
Categories=Network;

  1. Save and close the file.

Registering the Protocol Handler

  1. Register the script as the default handler for SSH protocol links: xdg-mime default SSH-Handler.desktop x-scheme-handler/ssh

This command allows your device to recognize and process ssh:// URLs using the script you just configured.

Connecting to a Device via SSH Direct Access

Once the setup is complete, you can initiate a connection:

  1. Go to the VaultOne platform.
  2. In the main menu, click Servers.
  3. Find the device you want to access and click Actions > Connect.
  4. Click Direct Access.
  5. Finally, click Open.

This action should automatically launch a new terminal window on your Linux device. This terminal automatically connects to the Bastion of your VaultOne connector, which will facilitate the connection to the selected device. You are typically prompted for further authentication (for example, password and MFA) to finalize the connection.

Back to Top

List IconIn this Article

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case