This is very clever... very clever indeed.
This will also work for more than 2 legs, and it keeps all password management on
the local client machine... I can execute all tunneling from jsch, without having
to establish follow on tunnels using exec'd ssh commands.
I'm going to give this a try!
--- leapingbytes <leapingbytes@...> wrote:
> On fist "leg" tunnel "ssh" connection to second "leg" server like this:
> ssh -L 60022: web12.nit:22 bemowski@... &
> ssh -p 60022 -L 8080:localhost:8080 bemowski@...
> This way, you can make n-jumps without much problem.
> Andrei Tchijov
> Leaping Bytes, LLC
> web: http://www.leapingbytes.com
> email: andrei@...
> AIM: leapingbytes
> Google: leapingbytes@...
> ICQ: 151229319
> P.S. Little bit of shameless self promotion. If you are using Mac OS
> X, you may want to take a look at http://www.leapingbytes.com/
> amostvpn. This is SSH Tunnel manager which can do multi-jump tunnels
> and much more.
> On Nov 16, 2006, at 9:12 AM, Paul Bemowski wrote:
> > Hello -
> > I'm new to jsch, as well as the mailing list. I've been working
> > with jsch for about
> > 2 days, and I must say I'm very impressed with the quality and
> > scope of the
> > application. With the examples, I was able to have it up and
> > running (tunneling) in
> > a few minutes.
> > I do have a question however. I often need multi-stage tunnels,
> > which is in part
> > what I am trying to automate with jsch. Using standard ssh
> > commands, I'd do
> > something like this:
> > ssh -t -g \
> > -L 8080:localhost:8044 \
> > bemowski@... \
> > ssh -t -g \
> > -L 8044:localhost:8080 \
> > bemowski@...
> > I do know that I could port forward through the jump42 box to port
> > 8080 of web12 -
> > but there is a firewall between them that blocks everything but
> > port 22.
> > So - I can see very clearly how to use the API to create the first
> > port forwarding.
> > The question is how to use the API to execute the second ssh
> > command as in the first
> > ssh session, and provide the necessary credentials... I've tried by
> > creating a
> > ChannelExec and issuing the second ssh command, and using the
> > streams to convey the
> > passwords - but that does not work. I've also tried using the
> > ChannelShell and
> > using that to execute the second ssh command via the output stream.
> > Both methods have failed. i've tried numberous stream readers and
> > writers...
> > nothing is working.
> > I've searched the archives of this list as much as possible, but I
> > don't see
> > anything relating to this topic.
> > Could someone perhaps give me a hint - or push me in the right
> > direction? Is this
> > multi-stage tunnel possible. Also, the next question is, can I do
> > a 3 stage tunnel
> > rather than 2 stage? I'd imagine that once I get the second ssh
> > command to work,
> > i'd repeat the process for the third...
> > Thanks,
> > Paul
> > ----------------------------------------------------------------------
> > ---
> > Take Surveys. Earn Cash. Influence the Future of IT
> > Join SourceForge.net's Techsay panel and you'll get the chance to
> > share your
> > opinions on IT & business topics through brief surveys - and earn cash
> > http://www.techsay.com/default.php?
> > page=join.php&p=sourceforge&CID=DEVDEV
> > _______________________________________________
> > JSch-users mailing list
> > JSch-users@...
> > https://lists.sourceforge.net/lists/listinfo/jsch-users