Skip to content

RDS Remote Application: PuTTY SSH Client

PuTTY is a client used to establish interactive SSH sessions with other ssh-enabled hosts. When integrated with the 12Port Access Broker via Remote Desktop Services (RDS), PuTTY enables Zero Trust access to SSH Hosts through a fully monitored and credential-injected session, enabling automated jump host scenarios.

Installation and Configuration

1. Download Required Files
* Executable:
https://bin.12port.com/product/remote-apps/app-putty/app-putty.exe
* Configuration File (.ini):
https://bin.12port.com/product/remote-apps/app-putty/app-putty.ini

Source file: https://bin.12port.com/product/remote-apps/app-putty/app-putty.au3

* Place both the Executable (.exe) and Configuration (.ini) files in the same directory on the RDS Server where the Remote Application will be published. For example: C:\12Port-RDSApps.
* Install the PuTTY application on the RDS Host Server so it can be launched by the RDS Remote Application.

Note

For security purposes, the 12Port RDS feature will not establish trust in the PuTTY client to any hosts that require it. Each user must manually Accept trust directly through the same PuTTY client on the RDS server, while logged in with their RDS Host server connection account.

2. Modify Configuration
The .ini configuration file can be updated to define the full path location of the installed PuTTY client on the RDS Host server.

[app]
exe=C:\Program Files\PuTTY\putty.exe

3. Publish the Remote Application
Use the following PowerShell command as an example to publish PuTTY as a RemoteApp on the RDS server. This command must be executed from an elevated (Administrator) PowerShell session:

New-RDRemoteApp `
  -CollectionName "QuickSessionCollection" `
  -Alias "app-putty" `
  -DisplayName "app-putty" `
  -FilePath "C:\12Port-RDSApps\app-putty\app-putty.exe" `
  -ShowInWebAccess $true `
  -CommandLineSetting "Allow"

Ensure the CommandLineSetting is set to "Allow" to enable the Access Broker to pass connection parameters to the application.

Note

Make sure the -FilePath value accurately reflects the location of the executable on the RDS server.

RDS Application Asset Configuration

To enable Zero Trust access to PuTTY via the 12Port Access Broker:

  • In the RDS Remote Application asset, set the Remote App field to: 
    ||app-putty

  • Set the Remote Arguments field to: 

    Host,User,Password

    • Specify Host as the destination Host Name (or IP address) that the PuTTY client will connect to from the RDS Host server.

    • Specify User as a privileged account for zero trust access.

    • Specify Password for the privileged account for zero trust access.

PuTTY Client - Asset View

These values allow the Access Broker to inject credentials into the PuTTY connection without exposing them to the user.

RDS Session - PuTTY Client

Example shown in non-fullscreen view for documentation purposes only. Actual RDS session defaults to fullscreen mode.