5. suSSHi Gateway
suSSHi Gateway is the master gateway container of suSSHi and handles all SSH connections between clients and targets, performs all types of protocol inspection and logging, and all authentication and authorisation tasks associated with suSSHi Chef.
For reasons of scalability and redundancy, the suSSHi Gateway container can run on a number of hosts or instances. Load distribution can then be handled by external load balancers, a simple DNS round-robin or other redundancy mechanisms, provided by your container platform.
With each new connection, the master process within the container is forked and a new child process takes over all subsequent tasks such as authentication and authorization of the client, authentication to the target, logging, encryption and traffic forwarding for this specific session independent from the master process.
suSSHi supports multiple container process instances on the same host listening on different IP addresses or ports with different configuration options.