Re: [JSch-users] multi-stage ssh tunneling
Status: Alpha
Brought to you by:
ymnk
From: Paul B. <bem...@ya...> - 2006-11-16 15:08:08
|
This is very clever... very clever indeed. This will also work for more than 2 legs, and it keeps all password management on the local client machine... I can execute all tunneling from jsch, without having to establish follow on tunnels using exec'd ssh commands. I'm going to give this a try! paul --- leapingbytes <lea...@le...> wrote: > On fist "leg" tunnel "ssh" connection to second "leg" server like this: > > ssh -L 60022: web12.nit:22 bemowski@jump42 & > ssh -p 60022 -L 8080:localhost:8080 bemowski@localhost > > This way, you can make n-jumps without much problem. > > Andrei Tchijov > Leaping Bytes, LLC > > web: www.leapingbytes.com > email: an...@le... > AIM: leapingbytes > Google: lea...@gm... > ICQ: 151229319 > > > P.S. Little bit of shameless self promotion. If you are using Mac OS > X, you may want to take a look at http://www.leapingbytes.com/ > amostvpn. This is SSH Tunnel manager which can do multi-jump tunnels > and much more. > > On Nov 16, 2006, at 9:12 AM, Paul Bemowski wrote: > > > Hello - > > > > I'm new to jsch, as well as the mailing list. I've been working > > with jsch for about > > 2 days, and I must say I'm very impressed with the quality and > > scope of the > > application. With the examples, I was able to have it up and > > running (tunneling) in > > a few minutes. > > > > I do have a question however. I often need multi-stage tunnels, > > which is in part > > what I am trying to automate with jsch. Using standard ssh > > commands, I'd do > > something like this: > > > > ssh -t -g \ > > -L 8080:localhost:8044 \ > > bemowski@jump42 \ > > ssh -t -g \ > > -L 8044:localhost:8080 \ > > bem...@we...t > > > > I do know that I could port forward through the jump42 box to port > > 8080 of web12 - > > but there is a firewall between them that blocks everything but > > port 22. > > > > So - I can see very clearly how to use the API to create the first > > port forwarding. > > The question is how to use the API to execute the second ssh > > command as in the first > > ssh session, and provide the necessary credentials... I've tried by > > creating a > > ChannelExec and issuing the second ssh command, and using the > > streams to convey the > > passwords - but that does not work. I've also tried using the > > ChannelShell and > > using that to execute the second ssh command via the output stream. > > > > Both methods have failed. i've tried numberous stream readers and > > writers... > > nothing is working. > > > > I've searched the archives of this list as much as possible, but I > > don't see > > anything relating to this topic. > > > > Could someone perhaps give me a hint - or push me in the right > > direction? Is this > > multi-stage tunnel possible. Also, the next question is, can I do > > a 3 stage tunnel > > rather than 2 stage? I'd imagine that once I get the second ssh > > command to work, > > i'd repeat the process for the third... > > > > Thanks, > > Paul > > > > ---------------------------------------------------------------------- > > --- > > Take Surveys. Earn Cash. Influence the Future of IT > > Join SourceForge.net's Techsay panel and you'll get the chance to > > share your > > opinions on IT & business topics through brief surveys - and earn cash > > http://www.techsay.com/default.php? > > page=join.php&p=sourceforge&CID=DEVDEV > > _______________________________________________ > > JSch-users mailing list > > JSc...@li... > > https://lists.sourceforge.net/lists/listinfo/jsch-users > > |