Re: [JSch-users] Proxy over SSH

Fri, 29 Apr 2011 13:54:43 -0700 

Atsuhiko Yamanaka skribis:
>    +-From: Paul Ebermann <paul-eberm...@gmx.de> --
>    |_Date: Thu, 28 Apr 2011 03:04:12 +0200 __
>    |
>    |I am outside this network, but I have an IP address of one of those 
> gateway nodes. To
>    |access any of the non-gateway nodes, our program until now opened an JSch 
> Session
>    |(gateway) to the gateway node, and then used
>    |
>    |  gateway.setPortForwardingL(localPort, ipNode, 22);
>    |
>    |with a random local port. Then it opened a new Session:
>    |
>    |  jsch.getSession(username, "127.0.0.1", localPort);
>    |
>    |This worked fine (but seemed to neccesiate 
> setConfig("StrictHostKeyChecking", "no"),
>    | since all connections now did go to 127.0.0.1).
> 
> The following will be better in that scenario,
> 
>   int localPort = gateway.setPortForwardingL(0, ipNode, 22);
>   Session session = jsch.getSession(username, "127.0.0.1", localPort);
>   session.setHostKeyAlias(ipNode);

Ah, thanks, seems like a good idea.

> And then, the following change my do the trick,
> 
>                public void connect(SocketFactory ignore, String host,
>                                   int port, int timeout)
>                                throws Exception {
>                        activator.logInfo("setup tunnel through gateway to " +
>                                           host +":"+port + "...");
>                        channel = 
> (ChannelDirectTCPIP)gateway.openChannel("direct-tcpip");
>                        channel.setHost(host);
>                        channel.setPort(port);
>                        iStream = channel.getInputStream();     // !!
>                        oStream = channel.getOutputStream();    // !!
>                        channel.connect();
>                        // iStream = channel.getInputStream();
>                        // oStream = channel.getOutputStream();
>                        activator.logInfo("tunnel to "+host +":"+port + " 
> established.");
>                }

Yes, it works this way!

Thanks. (I now feel a bit stupid to have used quite some hours to search the 
problem ...
which then could be solved by moving one line.)

(I've added a not to each of the get/set stream methods of Channel in my 
documentation
that they should be called before connecting.)


PaĆ­lo

------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network 
management toolset available today.  Delivers lowest initial 
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
JSch-users mailing list
JSch-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jsch-users

Reply via email to