[erlang-questions] ssh direct-tcpip port forwarded tunnel

Alex Wilson alex@REDACTED
Tue Jun 10 08:24:40 CEST 2014


There's no public API in the SSH app for this at the moment.

However, if you're willing to use private API, you can do something like this:

{ok, Ssh} = ssh:connect(Host, Port, [...]),

RemoteHost = "thing-on-other-side.of.tunnel.com",
RemotePort = 80,
HostBin = list_to_binary(RemoteHost), HostLen = byte_size(HostBin),

% the "originating" host, meant to be the thing connecting to the -R/-L forwarder
% in this case we just generate a random one
OrigHost = <<"localhost">>, OrigHostLen = byte_size(OrigHost),
OrigPort = crypto:rand_uniform(10000,65000),

Msg = <<HostLen:32/big, HostBin/binary, RemotePort:32/big, OrigHostLen:32/big, 
            OrigHost/binary, OrigPort:32/big>>,

{open, Chan} = ssh_connection_handler:open_channel(Ssh, "direct-tcpip", 
    Msg, ?DEFAULT_WINDOW_SIZE, ?DEFAULT_PACKET_SIZE, 
    ?DEFAULT_TIMEOUT),

% then after you've got the channel, use it like any other:
_ = ssh_connection:send(Ssh, Chan, <<"some data to send here">>),
receive
  {ssh_cm, Ssh, {data, Chan, _, IncomingBinary}} -> ...
  {ssh_cm, Ssh, {closed, Chan}} -> ...
end

etc

Note that ssh_connection_handler:open_channel/6 changed names between R15B and R16B, it used to be ssh_connection_manager:open_channel/6 and returned {ok, Chan} on success instead of {open, Chan}. Being private API, it might change again at any time! :)

This should probably have a public API though, it's a pretty useful operation.



On 7 Jun 2014, at 8:49 am, Tom van Neerijnen <tom@REDACTED> wrote:

> Hi all
> 
> Does anyone have an example of an Erlang port forwarding SSH server?
> My aim is to give it a ssh -R 1234:localhost:5678 and have the erlang server forward connections on 1234 to localhost:5678.
> 
> I've started ssh:daemon as described in the docs and have an Erlang shell on the server end of my ssh connection, so that at least is working, but I can't seem to get ssh_connection:direct_tcpip called.
> I  guessed that I needed to add a "direct-tcpip" subsystem but this is ignored when I ssh in.
> Anyone got any pointers to get me started?
> 
> -- 
> 
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions




More information about the erlang-questions mailing list