![[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!](https://beyondjapan.com/cms/wp-content/uploads/2022/12/recruit_blog_banner-768x344.jpg)
[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!
![[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services](https://beyondjapan.com/cms/wp-content/uploads/2021/03/AWS_構築・運用保守-768x344.png)
[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services
![[Successor to CentOS] AlmaLinux OS server construction/migration service](https://beyondjapan.com/cms/wp-content/uploads/2023/08/almalinux_blogbanner-768x344.png)
[Successor to CentOS] AlmaLinux OS server construction/migration service
![[For WordPress only] Cloud server “Web Speed”](https://beyondjapan.com/cms/wp-content/uploads/2022/11/webspeed_blog_banner-768x344.png)
[For WordPress only] Cloud server “Web Speed”
![[Cheap] Website security automatic diagnosis “Quick Scanner”](https://beyondjapan.com/cms/wp-content/uploads/2023/04/quick_eyecatch_blogbanner-768x345.jpg)
[Cheap] Website security automatic diagnosis “Quick Scanner”
![[Reservation system development] EDISONE customization development service](https://beyondjapan.com/cms/wp-content/uploads/2023/06/edisone_blog_banner-768x345.jpg)
[Reservation system development] EDISONE customization development service
![[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”](https://beyondjapan.com/cms/wp-content/uploads/2021/03/Appmill_ブログバナー-768x344.png)
[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”
![[Compatible with over 200 countries] Global eSIM “Beyond SIM”](https://beyondjapan.com/cms/wp-content/uploads/2024/05/beyond_esim_blog_slider1-768x345.jpg)
[Compatible with over 200 countries] Global eSIM “Beyond SIM”
![[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”](https://beyondjapan.com/cms/wp-content/uploads/2024/05/china-sim_blogbanner-768x345.jpg)
[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”
![[Global exclusive service] Beyond's MSP in North America and China](https://beyondjapan.com/cms/wp-content/uploads/2024/06/gloval_surport_blog_slider-768x345.jpg)
[Global exclusive service] Beyond's MSP in North America and China
![[YouTube] Beyond official channel “Biyomaru Channel”](https://beyondjapan.com/cms/wp-content/uploads/2021/07/バナー1-768x339.jpg)
[YouTube] Beyond official channel “Biyomaru Channel”
How to connect to SCP using WinSCP via a springboard server
table of contents
My name is Ito and I am an infrastructure engineer.
In recent server configurations, there are many environments in which connections are made to the server via a stepping stone server in order to increase the security level.
It has a configuration like this.
The configuration is such that end users can only access the web server via http, and developers who set up the servers can connect to each server via SSH via a springboard server.
I think SCP is often used when uploading content, but
in a configuration where a stepping stone server exists, it is not possible to connect to the target server using SSH or FTP.
So, WinSCP via a springboard server.
session part
This is the part to enter on the screen started by WinSCP.
| Transfer protocol | SCP |
| host name | local IP address |
| port number | 22 |
| username | Username of the server to connect to via bastion |
| password | Password for the server you connect to via the springboard |
tunnel
Configure the connection to the springboard server in [Settings] - [Connection] - [Tunnel].
| Connect via SSH tunnel | check |
| host name | Host name or IP address of the stepping stone server |
| port number | 22 |
| username | Username to connect to the bastion server |
| password | Password to connect to the springboard server |
| local tunnel port | automatic selection |
| private key | Private key (.ppk) required to connect to the springboard server |
(The private key is required if the end server is a key connection)
certification
Set the authentication conditions in [Settings] – [SSH] – [Authentication].
It is OK if you make the following settings in "Authentication conditions" in the middle.
- Check "Allow agent transfer"
- Select the private key from earlier
connect
When you connect with the above settings, you will be asked to enter the passphrase for your private key.
You will be asked twice to log in to the base server and from there to the end server.
You can now connect successfully.
Connecting via a springboard server is a little troublesome, so please connect using this method!
9
Loading...9 
![[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution](https://beyondjapan.com/cms/wp-content/uploads/2024/05/59b34db220409b6211b90ac6a7729303-1024x444.png)
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution
![[Osaka/Yokohama] Actively recruiting infrastructure engineers and server side engineers!](https://beyondjapan.com/cms/wp-content/uploads/2022/12/20221215_recruit_blog_banner.jpg)
[Osaka/Yokohama] Actively recruiting infrastructure engineers and server side engineers!
The person who wrote this article
About the author
