Agent forwarding can be enabled on the server side by adding the org.apache.sshd.agent.ChannelAgentForwarding to the list of channel factories on the sshd server. You'll need a few additional libraries though (apr, tomcat-apr). On the client, it must be enabled too using for example "ssh -A".
I'm not sure you actually need that, it may also be possible to retrieve the credentials on the server session. On Wed, Mar 9, 2011 at 20:22, Mark Robinson <[email protected]> wrote: > thanks for the suggestion. I will try it out. > > do you have any examples or docs on creating a server for agent forwarding? > > thanks! > > > On Mar 9, 2011, at 10:22 AM, Guillaume Nodet wrote: > >> If you use sshd.setShellFactory(xx), the command won't be closed >> automatically, only when the dialog is ended. >> What you could try as an experiment is to use >> >> sshd.setShellFactory(new ProcessShellFactory(new String[] >> { "/usr/bin/ssh", "targethost" }, >> >> EnumSet.of(ProcessShellFactory.TtyOptions.ONlCr))); >> >> and see if you can make that work correctly. The next step would be >> to write a Command that would use the client api. The main problem I >> see is to reuse the credentials, so that's why agent forwarding could >> help here (and it's different from port forwarding). >> >> About your compilation problem, I'm not sure, check the SshServer >> code, as it configure the factories, so that's clearly a problem on >> your code. >> >> >> On Wed, Mar 9, 2011 at 17:01, Mark Robinson <[email protected]> wrote: >>> Is Agent forwarding the same as port forwarding? I am unsure if port >>> forwarding will work as I want my proxy to be a middleman in the dialogue. >>> >>> I have just started working with setChannelFactories. I used the code you >>> provided and the error now is: >>> The parameterized method >>> <NamedFactory<Channel>>asList(NamedFactory<Channel>...) of type Arrays is >>> not applicable for the arguments (ChannelSession.Factory, >>> ChannelDirectTcpip.Factory) >>> >>> I previously used a customized Command but I am pretty sure the Git client >>> wants a dialogue with the server and the Command was closing the connection >>> after the first exchange. The sshd would launch another command but that >>> would restart the dialogue while the client was expecting the 2nd phase of >>> the conversation. >>> >>> >>> On Mar 9, 2011, at 9:47 AM, Guillaume Nodet wrote: >>> >>>> Interesting ... Agent forwarding should work with SSHD if that can help. >>>> >>>> What's the problem with the setChannelFactories ? More details would >>>> help to understand the real issue. >>>> >>>> On Wed, Mar 9, 2011 at 16:41, Mark Robinson <[email protected]> wrote: >>>>> This may sound silly but I am trying to build an SSH proxy/passthrough >>>>> between the a Git client and a Git server. >>>>> >>>>> >>>>> On Mar 9, 2011, at 9:36 AM, Guillaume Nodet wrote: >>>>> >>>>>> The default setup using SshServer.setUpDefaultServer() configures the >>>>>> following: >>>>>> >>>>>> sshd.setChannelFactories(Arrays.<NamedFactory<Channel>>asList( >>>>>> new ChannelSession.Factory(), >>>>>> new ChannelDirectTcpip.Factory())); >>>>>> >>>>>> So it should work. What kind of channels are you trying to configure ? >>>>>> >>>>>> On Wed, Mar 9, 2011 at 16:27, Mark Robinson <[email protected]> >>>>>> wrote: >>>>>>> Hi, >>>>>>> Is there an example that shows how to set up a basic SSHD server to >>>>>>> listen for SSH channels? I am hacking away at sshd.setChannelFactories >>>>>>> with no luck. >>>>>>> Thanks! >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Cheers, >>>>>> Guillaume Nodet >>>>>> ------------------------ >>>>>> Blog: http://gnodet.blogspot.com/ >>>>>> ------------------------ >>>>>> Open Source SOA >>>>>> http://fusesource.com >>>>> >>>>> >>>> >>>> >>>> >>>> -- >>>> Cheers, >>>> Guillaume Nodet >>>> ------------------------ >>>> Blog: http://gnodet.blogspot.com/ >>>> ------------------------ >>>> Open Source SOA >>>> http://fusesource.com >>> >>> >> >> >> >> -- >> Cheers, >> Guillaume Nodet >> ------------------------ >> Blog: http://gnodet.blogspot.com/ >> ------------------------ >> Open Source SOA >> http://fusesource.com > > -- Cheers, Guillaume Nodet ------------------------ Blog: http://gnodet.blogspot.com/ ------------------------ Open Source SOA http://fusesource.com
