DOCSP-20681 ssh and socks5 (#384)

jocelyn-mendez1 · Jocelyn Mendez · jeff-allen-mongo · commit af7ad43cf8a8 · 2022-04-04T16:50:16.000-04:00
* DOCSP-20681 ssh and socks5 * DOCSP-20681 ssh and socks5 * DOCSP-20681 ssh and socks5 * DOCSP-20681 internal feedback changes * DOCSP-20681 internal feedback changes * DOCSP-20681 rewording corrections * DOCSP-20681 rewording corrections Co-authored-by: Jocelyn Mendez <jocelyn.mendez@Jocelyns-MacBook-Pro.local>
diff --git a/source/connect/ssh-connection.txt b/source/connect/ssh-connection.txt
@@ -11,3 +11,157 @@ Proxy / SSH Tunnel Connection Tab
    :backlinks: none
    :depth: 1
    :class: singlecol
+
+The :guilabel:`Proxy / SSH Tunnel` tab allows you to connect to your deployment using 
+a Proxy method or SSH Tunnel. 
+
+Procedure
+---------
+
+.. procedure::
+   :style: normal
+
+   .. step:: Click :guilabel:`Advanced Connection Options`.
+
+      .. figure:: /images/compass/advanced-connection-options.png
+         :figwidth: 690px
+         :alt: New Advanced Connection Options
+
+   .. step:: Click the :guilabel:`Proxy / SSH Tunnel` tab.
+
+      You have the following connection options:
+
+      .. list-table::
+         :header-rows: 1 
+         :widths: 50 50 
+      
+         * - Option
+           - Description 
+
+         * - SSH with Password 
+           - Connects to a deployment using a SSH Tunnel and has the option to secure 
+             the connection with a password. For information on SSH connections and 
+             the fields for this connection option, see :ref:`<ssh-fields>`.
+
+         * - SSH with Identity File 
+           - Connects to a deployment using a SSH Tunnel and uses an Identity File 
+             to secure the connection. For information on SSH connections and 
+             the fields for this connection option, see :ref:`<ssh-fields>`.
+
+         * - Socks5
+           - Connects to a deployment using a seperate proxy server. For more 
+             information on the fields for this connection option, see 
+             :ref:`<socks5>`. 
+
+      .. _ssh-fields:
+ 
+      SSH Connection
+      ~~~~~~~~~~~~~~
+
+      To connect to a deployment using :guilabel:`SSH with Password` or 
+      :guilabel:`SSH with Identity File`, use the following fields:
+
+      .. list-table::
+         :header-rows: 1 
+         :widths: 50 50
+      
+         * - Field
+           - Description
+
+         * - SSH Hostname
+           - Bastion (jumpbox) hostname. This is the unique identifier 
+             (Fully Qualified Domain Name, or FQDN) for the computer to access. 
+
+         * - SSH Port
+           - Port used for the SSH connection. This defaults to 22, 
+             the standard port for SSH.
+
+         * - SSH Username
+           - This is the user for which the profile to log into on the remote 
+             system. This is the user for which you want to establish the 
+             SSH connection.
+
+         * - SSH Password 
+           - (Optional) Password used to secure the SSH connection. This is 
+             required if you are not using an identity file.
+
+         * - SSH Identity File
+           - File from which the identity (private key) for SSH public 
+             key authentication is read.
+
+             Unix or OS X: If using OpenSSH, identity files are found in the ``~/.ssh`` 
+             directory. By default, the private key files have one of the following 
+             file names:
+
+             - ``id_dsa``
+             
+             - ``id_ecdsa``
+
+             - ``id_ed25519``
+ 
+             - ``id_rsa``
+
+             On Windows, the location of the identity files depends on your choice 
+             of SSH client, such as PuTTY. 
+
+         * - SSH Passphrase
+           - (Optional) If your private key is encrypted, provide the passphrase 
+             used to decrypt your private key. A passphrase provides an extra 
+             layer of security for an SSH connection.  
+
+      Behavior
+      ````````
+
+      - In |compass|, :guilabel:`SSH Tunnel Connections` allow users to connect 
+        to replica sets. 
+
+      - Users can connect to replica sets using SSH Tunnels and 
+        :ref:`TLS / SSL connections <tls-ssl-tab>`. 
+
+      .. _socks5:
+
+      Socks5
+      ~~~~~~
+
+      To connect to a deployment using :guilabel:`Socks5`, use the following 
+      fields:
+
+      .. list-table::
+         :header-rows: 1 
+         :widths: 50 50
+      
+         * - Field
+           - Description
+
+         * - Proxy Hostname
+           - Domain name, IPv4, or IPv6 address on which a socks5 proxy is listening.
+
+         * - Proxy Tunnel Port
+           - (Optional) TCP port number. Default is 1080.  
+         
+         * - Proxy Username
+           - (Optional) Username used to authenticate the connection with the proxy 
+             server.  
+         
+         * - Proxy Password
+           - (Optional) Password used to authenticate the connection with the 
+             proxy server. 
+
+      Behavior
+      ````````
+
+      - If you specify a non-local Socks5 proxy host and provide a 
+        username and password authentication, you receive a warning 
+        stating that the credentials will be sent in plaintext. 
+
+      - If you specify a remote Socks5 proxy host and do not enable TLS, 
+        you receive a warning stating that the proxy administrator will 
+        be able to intercept data sent and received by |compass-short|.
+
+   .. step:: (Optional) For advanced connection configuration options, click the :ref:`Advanced <advanced-connection-tab>` tab.
+
+   .. step:: Click Connect.
+
+.. seealso::
+
+   To disconnect from your deployment, see :ref:`<disconnect-tab>`.
