What is a UNIX JumpBox

  • Service Provider

    In the UNIX world, a JumpBox (or whatever term you use to describe it like Jump Station or Jump Server) is essentially nothing more than an authenticating, login-based non-tunneling SSH Proxy used to proxy SSH connections from a number of points to a number of other points. (This separates Jump Boxes from other types of centralized access like SSH Tunnels and VPNs which serve some overlapping purposes but work differently.) Because UNIX is almost always managed via SSH, we assume that a UNIX Jump Box will be SSH-based but this is not a hard and fast rule. Other protocols like VNC, RDP or NX could be used as well, both for incoming and outgoing connections. Incoming and outgoing connections need not be symmetrical either. It is more common, for example, for NX to be used as an external interface and SSH only to be used on the internal side.

    The idea behind a Jump Box is to increase security both through hard increases in security through a reduction in attack surface and an improvement in monitoring and hardening as well as through lowering the necessary overhead of accessing the network making soft increases in security by making high security easier for end users reducing their desire to "work around" good security methodologies.

    Jump Boxes can come in many different shapes and sizes but the basic approach is to have a server (generally a small VM) running an extremely bare boxes UNIX install that is heavily patched, monitored, hardened, up to date, lean and easily decoupled from the network that is exposed, generally to the Internet but not necessary, into which end users log in, generally via SSH.

    Jump Servers may or may not share authentication with the rest of the systems. A UNIX network using NIS or Active Directory or LDAP may extend this to the Jump Server for ease of use or may have a separate login process as an extra "gating" feature to make network access more difficult.

    Once users log into the Jump Server, the only UNIX machine to which they need to know access details, they have access to the other UNIX machines on their network. Typically access to other machines is either handled through an integrated authentication mechanism or through SSH keys to make access to other machines fast and transparent making management easier, faster and very secure and allowing for automation from the Jump Box. It is common in large organizations to have a Jump Box for administrative access and possibly one for non-admin access as well as management stations for automation access, but in smaller organizations these roles are typically collapsed into a single system.

    It is common for additional security, such as two factor authentication, to be applied to the JumpBox as it is the point of exposure. A single, very secure, very cumbersome login to the JumpBox can easily be offset by nearly effortless systems access once logged in. Some approaches often considered are enforcing the use of SSH Keys (that do not match the internal shared keys of the UNIX systems) with Passphrases for extra security and 2FA such as Google Authenticator.

  • Service Provider

    Of course JumpBoxes exist in the Windows world as well, but are much less common because Windows tends to ubiquitously use Active Director and lacks the idea of SSH Keys which changes the value of a JumpBox of this nature. It is far more typical in the Windows world to have RDP Proxies directly or VPN connections. No hard and fast rule that UNIX should do one thing and Windows another, mostly caused by common differences in expected approaches around access methods and authentication methods.

  • I got information about Jump servers because of you (Scott)

  • Isn't using a SSH key and a password considered two factor authentication? Something you have (the SSH key) and something you know (the password). The use of Google Authenticator in this case would be redundant to the something you have, assuming you you're using all three.

    Was it your intension to imply the use of three?

  • Service Provider

    @Dashrender said:

    Isn't using a SSH key and a password considered two factor authentication?

    It is not generally considered to be this. An SSH Key is just a really, really long password that you probably can't remember. Would you consider having two passwords, both entered from the same place, to be two factor? I would not. It's more like one factor plus. It's an incredibly secure single factor, but the key itself is still a single factor, just a really strong one.