reverse port forwarding + encrypted shell?
- Subject: reverse port forwarding + encrypted shell?
- From: Francisco Alberto Kindelan-Espinosa <franciscokindelanespinosa@xxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Tue, 26 Feb 2019 18:52:42 -0600
- To: libssh@xxxxxxxxxx
Hello all. My question is in the title. How do I combine an ssh shell with reverse port forwarding?

I want to use libssh to implement a reverse ssh connection from a client libssh computer behind a NAT to a server on the internet. The goal is for the client to initiate the connection at a predetermined maintenance time and, if the connection doesn't time out, connect to a port on the server to an interactive command shell on the client.

I followed the "Doing reverse port forwarding with libssh" example from http://api.libssh.org/master/libssh_tutor_forwarding.html and combined it with the code at http://api.libssh.org/master/libssh_tutor_guided_tour.html. I replaced the webserver with a command process and, thanks to the excellent libssh examples, it works! There are just a couple of improvements I want to make:

1) My forwarded port connection is unencrypted. Maybe it doesn't sound like a big deal, since I am just opening the connection on a port on the ssh server, but that may not always be the case and I'd really like for the connection to be encrypted all the way.

2) I use ssh_read and ssh_write to process stdin and stdout/stderr respectively for my command shell, and the shell doesn't feature any modern conveniences and is very fragile.

Can I use the channel returned from the below function to spawn an ssh shell on the client?

    channel = ssh_channel_accept_forward(session, 60000, &port);

By perhaps passing it to the following example?
    #include <libssh/libssh.h>
    #include <unistd.h>   /* write() */

    int interactive_shell_session(ssh_channel channel)
    {
        int rc;
        char buffer[256];
        int nbytes;

        /* Ask the remote side for a pseudo-terminal and set its size. */
        rc = ssh_channel_request_pty(channel);
        if (rc != SSH_OK) return rc;

        rc = ssh_channel_change_pty_size(channel, 80, 24);
        if (rc != SSH_OK) return rc;

        /* Request a shell on the channel. */
        rc = ssh_channel_request_shell(channel);
        if (rc != SSH_OK) return rc;

        /* Copy everything the channel delivers to local stdout. */
        while (ssh_channel_is_open(channel) &&
               !ssh_channel_is_eof(channel))
        {
            nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
            if (nbytes < 0)
                return SSH_ERROR;

            if (nbytes > 0)
                write(1, buffer, nbytes);
        }

        return rc;
    }

Thanks,
Frank