sdtcon

Point and click secure remote access

Get sdtcon

The latest release is available from SourceForge or Opengear.

Windows users, download the .exe installer - OS X users download the shiny new .dmg - and the .tar.gz is for Linux and everyone else.

What is sdtcon?

The goal of the sdtcon project is to provide easy to configure, easy to use, secure remote and out of band access to systems and devices inside a private LAN or management network.

sdtcon is a multi-platform application written in Java. It utilizes the Java Secure Channel (JSch) implementation of SSH2 to create SSH redirections (aka SSH tunnels) into the private network through the public Internet via an SSH gateway, as illustrated in this network diagram. A client on the local host is automatically connected to the remote host through the secure tunnel, often using an otherwise insecure protocol such as Telnet or VNC.

Uniquely, sdtcon has overcome a traditional limitation of SSH2 and allows you to tunnel UDP based protocols (such as DNS or Serial over LAN) -- see the Development and releases section below for further details. Another unique feature is sdtcon's ability to facilitate out-of-band access to your remote hosts should the primary path to your SSH gateway be unavailable or unreliable.

sdtcon requires the freely available Java runtime environment (JRE) 1.4.2 or later (Sun JRE 5.x recommended).

How is it used?

In a typical configuration, the user specifies the address and authentication credentials of the SSH gateway and the address of remote LAN host they want to access. The user clicks the button corresponding to the service to use to access the remote host (e.g. VNC, HTTP). sdtcon sets up the SSH redirection and launches the appropriate client (e.g. RealVNC, Firefox) to access the remote host via the secure local endpoint.

The user may be a systems administrator or offsite user that needs to access a blade server in order to reboot it after an operating system crash, or perform/monitor other maintenance tasks.

Development and releases

sdtcon is preconfigured to tunnel VNC, RDP, HTTP, HTTPS, SSH and Telnet services. The user may modify the pre-canned services and specify new custom services using arbitrary port numbers and clients.

sdtcon also provides a client for tunneling UDP services over SSH. Note that this has been implemented to interoperate with the Opengear CM, SD and IM line of products. The mechanism required on the SSH server to forward the UDP traffic to its final destination is not provided by sdtcon.

See the News section of the project site for more detailed information on releases.

Please contact us if you have any questions or comments about this project. You may also submit bug reports, patches and feature requests via the project site.

Other points

Benefits and features of this application include:

• sdtcon interoperates with any SSH2-compliant gateway, including machines running OpenSSH, and Opengear's secure device and console servers
• Strong encryption and authentication using JSch SSH2 implementation
• Public key and password authentication to the SSH gateway
• Tunnels UDP based services, previously a limitation of SSH2
• Facilitates out-of-band access to the SSH gateway
• No limit of the number of gateways, hosts or services that can be configured
• No artificial limit on the number of hosts that can be accessed concurrently
• Very simple to configure and easy to use
• Runs on any machine running any graphical OS (Windows, Linux, Mac OS X) with the Java runtime environment (JRE) 1.4.2 or later (Sun JRE 5.x recommended)
• sdtcon is and shall remain free, open source software, distributed under the GPL

sdtcon development is sponsored by Opengear.