Step 1. Prepare Server Host Keys

When you first install and run Ch1.Gateway, it’ll show the following message about generating server host keys. Ch1.Gateway uses these keys for encrypting session data traffics. You cannot start Ch1.Gateway without these keys.


As the file format used for host keys is compatible with OpenSSH (http://www.openssh.org). So, if you wish to use host keys generated from OpenSSH tools instead of Ch1.Gateway’s, simply copy the files to Ch1.Gateway home folder, ‘<home-folder-path>\ssh’.




Step 2. Select Service Modules

Jump-point

When this module is enabled and the connected client request a jump-point, Ch1.Gateway acts as an agent that connects to an actual destination host and relays data between the actual host and connected client. (Token2Shell is currently the only client software that supports this feature.)

In order to manage the list of destination hosts, please use Token2Shell (this software is not a part of Ch1.Gateway and requires a separate purchase). The address book entries created and managed in Token2Shell are used as jump-points without any modification or conversion. You simply need to assign Token2Shell home folder to [ Service Modules] » [ Jump-point ] » “Home Folder Path” option.



Virtual File System (SFTP)

This module is for allowing access to files and folders via SFTP clients. Only the files and folders below the configured “Home Folder Path” will be accessible.

Ch1.Gateway SFTP Folder Sample

To allow access to a folder that’s not under the “Home Folder Path“, create a shortcut for that folder under the “Home Folder Path“. The shortcut will be presented as an actual folder to the connected client software.

Please note that the “Home Folder Path” will be considered as a top level folder, i.e., “/”, and its actual path will be hidden to the client software. Also, all shortcuts will be presented as real files and folders.

File and folder access rights will be in line with the logged on user account, unless “Only allow read permission” option is enabled. If this option is enabled, all “write-related” requests will be denied even if the logged on user has that permission.


Port Forwarding

This module provides support for SSH port forwarding. It can be used by any SSH client software that supports port forwarding. Ch1.Gateway also supports “Server Preset Ports” which is currently only supported in RAH (Remote Access Hub).

In typical SSH port forwarding usage scenario, a client software sends a request with destination host address and port number. This requires the user of the client software to exactly know about the destination host and configure the client software accordingly.

By using “Server Preset Ports“, you can eliminate those steps. The end user simply needs to add an address entry for Ch1.Gateway server. When the client software makes a connection to Ch1.Gateway server, it downloads port information and setup local port forwardings automatically. (To improve security and maximize the flexibility of network resource assignments, the information about the actual port forwarding destination host is hidden from the end user.)



Step 3. Click “Start”!

If you wish to start Ch1.Gateway server as soon as it’s launched, add “/start” command line switch. For example, if you have a shortcut to Ch1.Gateway as

"C:\Program Files\Choung Networks\Ch1.Gateway\Ch1.Gateway.exe"

change it to

"C:\Program Files\Choung Networks\Ch1.Gateway\Ch1.Gateway.exe" /start


User Accounts

Ch1.Gateway utilizes and shares Windows user accounts for its access. If you wish to restrict file or folder access, simply use the standard Windows features for managing user accounts and permissions. For example, if you need to add a user for Ch1.Gateway access in Windows Vista, open Control Panel and go to “Manage Accounts” and create a new account.