Hello,

I have a project here where we have a lot of small boxes in a closed network (they use IP addresses in the 10.*.*.* private use area). All of them have an SSH server (dropbear), and I know the user name and password for these.

Some nodes (the "gateway nodes") are accessible from the internet.

I am outside this network, but I have an IP address of one of those gateway nodes. To access any of the non-gateway nodes, our program until now opened a JSch Session (gateway) to the gateway node, and then used

    gateway.setPortForwardingL(localPort, ipNode, 22);

with a random local port. Then it opened a new Session:

    jsch.getSession(username, "127.0.0.1", localPort);

This worked fine (but seemed to necessitate setConfig("StrictHostKeyChecking", "no"), since all connections now did go to 127.0.0.1).

But my program had to open a local port for every remote computer, and to connect to this. Since the program is running on a computer where quite a lot of people have access, I have no real control who else could connect to my ports ... also, it seems to use quite a lot of threads this way.

Thus, my idea was to implement the Proxy interface to create connections directly via a ChannelDirectTCPIP.

The code follows below, but it does not work. From the log output, it comes to the end of the Proxy's connect method, but then does not finish the connect method of the Session.

    "Worker-3" prio=10 tid=0x00007fb8f40c6800 nid=0x62a7 in Object.wait() [0x00007fb8de901000]
       java.lang.Thread.State: TIMED_WAITING (on object monitor)
        at java.lang.Object.wait(Native Method)
        - waiting on <0x00000000fcd42058> (a com.jcraft.jsch.Channel$MyPipedInputStream)
        at java.io.PipedInputStream.read(PipedInputStream.java:327)
        - locked <0x00000000fcd42058> (a com.jcraft.jsch.Channel$MyPipedInputStream)
        at com.jcraft.jsch.IO.getByte(IO.java:73)
        at com.jcraft.jsch.Session.connect(Session.java:234)
        at com.jcraft.jsch.Session.connect(Session.java:154)
        [...]

Another thread is reading from the socket (this is the gateway node):

    "Connect thread 141.20.23.223 session" prio=10 tid=0x00007fb8f4460000 nid=0x62ef runnable [0x00007fb8ec227000]
       java.lang.Thread.State: RUNNABLE
        at java.net.SocketInputStream.socketRead0(Native Method)
        at java.net.SocketInputStream.read(SocketInputStream.java:146)
        at com.jcraft.jsch.IO.getByte(IO.java:82)
        at com.jcraft.jsch.Session.read(Session.java:821)
        at com.jcraft.jsch.Session.run(Session.java:1241)
        at java.lang.Thread.run(Thread.java:636)

No other threads are in any jsch-method.

After some time, I get a timeout in the gateway-session, and no other connections work from now on.

Tomorrow I'll try to make an SSCCE from it (i.e. a reproducible example usable standalone), but does anyone already have an idea why this should not work? Or, how it should work?

(I'm not quite sure which JSch version is in use here - it is a quite big program based on the Eclipse framework, and somewhere in the zillions of plugins must be a JSch jar.)

Thanks
PaĆlo

---------[The IActivator is simply an object providing the logInfo method, not really needed here. ]------

    /**
     * A Proxy implementation using an SSH Session to a gateway node
     * as the tunnel.
     */
    private static class SshGatewayProxy implements Proxy {

        public SshGatewayProxy(Session gateway, IActivator logger) {
            this.gateway = gateway;
            this.activator = logger;
        }

        private Session gateway;
        private IActivator activator;
        private ChannelDirectTCPIP channel;
        private InputStream iStream;
        private OutputStream oStream;

        @Override
        public void close() {
            channel.disconnect();
        }

        /**
         * connects to the remote server.
         * @param ignore the socket factory. This is not used.
         * @param host the remote host to use.
         * @param port the port number to use.
         * @param timeout the timeout for connecting. (TODO: This is not used, for now.)
         * @throws Exception if there was some problem.
         */
        @Override
        public void connect(SocketFactory ignore, String host, int port, int timeout)
                throws Exception {
            activator.logInfo("setup tunnel through gateway to " + host + ":" + port + "...");
            channel = (ChannelDirectTCPIP) gateway.openChannel("direct-tcpip");
            channel.setHost(host);
            channel.setPort(port);
            channel.connect();
            iStream = channel.getInputStream();
            oStream = channel.getOutputStream();
            activator.logInfo("tunnel to " + host + ":" + port + " established.");
        }

        /**
         * Returns an input stream to read data from the remote server.
         */
        @Override
        public InputStream getInputStream() {
            return iStream;
        }

        @Override
        public OutputStream getOutputStream() {
            return oStream;
        }

        @Override
        public Socket getSocket() {
            // TODO Auto-generated method stub
            return null;
        }
    }
_______________________________________________
JSch-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jsch-users