问题
I need to run some commands from a remote computer using an SSH connection, but the problem is the following:
The client computer (running Windows) is connected to a network where I can see a server remote (second *nix computer, in the same network). I can do SSH connections with it, however the computer that contains the files (running *nix) isn't in this network, I only can connect with this trough a dynamic SSH tunnel open in the second computer, where I normally use PuTTY to configure this connection. Then I've got access to the remote files.
The following picture represents the architecture (the firewall is like the second machine):
I need to make this work automatically so I've done some test with Java and the JSch library, here is some code:
/* Direccion y puerto del host local */
String host = "localhost";
int lport = 5040;
/* Direccion y puerto del host remoto*/
String rhost = "localhost";
int rport = 80;
/* Usuario y password para conectarse al servidor ssh*/
String user = "test";
String pwd = "test";
JSch jsch=new JSch();
Session session=jsch.getSession(user, host, 22);
session.setPassword("test");
Properties config = new Properties();
config.put("StrictHostKeyChecking","no");
session.setConfig(config);
session.connect();
int assinged_port=session.setPortForwardingL(lport, rhost, rport);
System.out.println("localhost:"+assinged_port+" -> "+rhost+":"+rport);
I got connection, however when I run a command using object session, the answer is from the second machine not from the third machine as I expected. I would like to know if there is another library that helps to make this work or I'm using wrong JSch.
回答1:
Of course, if you set rhost = "localhost", the connection will arrive at the SSH server, and not at the "Resource" server.
Put the right host name in, and it should be no problem. (I did this once.)
If you want to do both connections from JSch, instead of doing a local port forwarding and then connecting to this forwarded port, you can use my ProxySSH class, to find in the JSch wiki. (I did this, too, in a similar situation like you have there.)
回答2:
You have to create session on the second server after port forwarding. Then connection is established to the server behind firewall.
Look at this code for example.What this code does is create a local port forwarding to the ssh port on the target system, then connects through it. The running of the hostname command illustrates that it is, indeed, running on the forwarded-to system.
回答3:
You have to open another session that makes use of the forwarded port.
Session sessionA = jsch.getSession("usernameA", "hostA");
// ...
sessionA.connect();
int forwardedPort = 2222; // any port number which is not in use on the local machine
sessionA.setPortForwardingL(forwardedPort, "hostB", 22);
Session sessionB = jsch.getSession("usernameB", "localhost", forwardedPort);
// ...
sessionB.connect();
// Use sessionB here to execute your command
来源:https://stackoverflow.com/questions/9282881/run-remote-commands-through-ssh-tunnel-in-java