Archived Forum Post

Question:

SSH Port Forwarding?

Sep 20 '12 at 10:17

I am looking to put together an app using the Chilkat ActiveX's in Delphi, which is like the Bitvise SSH client for port forwarding. Basically allows login to ssh server & can listen locally on interface 127.0.0.1 port 8080 etc., for example, and if I forward HTTP traffic to this local socket via socks5 the program tunnels this to the ssh server.

I've looked through the examples & can login to the server, but don't know where to start with the listening/forwarding stuff.


Answer

You would want to use the Chilkat SSH Tunnel object for it.

This is the example that would apply: http://www.example-code.com/delphi/sshTunnel_database.asp

Here's a snippet from the example, and I'll explain it further:

sshTunnel := TChilkatSshTunnel.Create(Self);

success := sshTunnel.UnlockComponent('30-day trial');
// ...

// The destination host/port is the database server.
// The DestHostname may be the domain name or
// IP address (in dotted decimal notation) of the database
// server.
sshTunnel.DestPort := 1433;
sshTunnel.DestHostname := 'myDbServer.com';

// Provide information about the location of the SSH server,
// and the authentication to be used with it. This is the
// login information for the SSH server (not the database server).
sshTunnel.SshHostname := '192.168.1.108';
sshTunnel.SshPort := 22;
sshTunnel.SshLogin := 'mySshLogin';
sshTunnel.SshPassword := 'mySshPassword';

// Start accepting connections in a background thread.
// The SSH tunnels are autonomously run in a background
// thread. There is one background thread for accepting
// connections, and another for managing the tunnel pool.
listenPort := 3316;
success := sshTunnel.BeginAccepting(listenPort);
if (success <> 1) then
begin
  ShowMessage(sshTunnel.LastErrorText);
  Exit;
end;

When BeginAccepting is called, a background thread is started and it begins accepting incoming connections on 127.0.0.1 at the port number passed to BeginAccepting. In the example, it's port 3316, but for your needs, you indicated port 8080, so you would instead pass 8080 to BeginAccepting.

The SSH hostname, port, login, and password specify the location of the SSH server and the login/password for authentication.

Once your app is running and BeginAccepting is called, then HTTP traffic can be forwarded to 127.0.0.1:8080. The background thread, started and managed by the SSH Tunnel object, is waiting for incoming connections on that port, will accept them, and will forward all traffic to the SSH server. (Traffic coming back from the SSH server is also forwarded back to whatever peer socket is connected to 127.0.0.1:8080.)

One final piece: The traffic forwarded to the SSH server doesn't simply end at the SSH server. What would be the point of that? It needs to be forwarded from the SSH server to some final destination where there is some app, server, or whatever, that is the intended recipient of the traffic. In the linked example above, it happens to be a database server specified by DestHostname and DestPort. In your case, it would be whatever program / web app / server, etc. is intended to receive the HTTP request.

Finally, one note: SSH dynamic port forwarding is a technology where the final destination (DestHostname / DestPort) is dynamically provided in the SOCKS protocol. Chilkat does not yet support dynamic port forwarding. If this is what you really need, then it's something that will be provided by Chilkat SSH Tunnel at some point in the future.
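
What "dynamically provided in the SOCKS protocol" looks like on the wire, as an added example that is not part of the original answer or of Chilkat's code: a parser for the SOCKS5 CONNECT request (RFC 1928), whose DST.ADDR and DST.PORT fields take the place of the fixed DestHostname / DestPort used above. The function name and the sample requests are constructed for illustration.

```python
import ipaddress
import struct

SOCKS_VERSION = 0x05
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04


def parse_socks5_connect(request: bytes):
    """Return (dest_host, dest_port) from one SOCKS5 CONNECT request."""
    if len(request) < 4:
        raise ValueError("truncated request header")
    version, command, reserved, atyp = request[:4]
    if version != SOCKS_VERSION:
        raise ValueError(f"not SOCKS5 (version byte {version:#04x})")
    if command != CMD_CONNECT:
        raise ValueError(f"unsupported command {command:#04x}")
    if reserved != 0x00:
        raise ValueError("reserved byte must be zero")

    body = request[4:]
    if atyp == ATYP_IPV4:
        addr_len = 4
    elif atyp == ATYP_IPV6:
        addr_len = 16
    elif atyp == ATYP_DOMAIN:
        # Domain names carry a one-byte length prefix.
        if not body or body[0] == 0:
            raise ValueError("missing or empty domain name")
        addr_len, body = body[0], body[1:]
    else:
        raise ValueError(f"unknown address type {atyp:#04x}")

    # The address is followed by exactly two port bytes, nothing more.
    if len(body) != addr_len + 2:
        raise ValueError("address/port length does not match address type")
    raw_addr, raw_port = body[:addr_len], body[addr_len:]
    if atyp == ATYP_DOMAIN:
        host = raw_addr.decode("ascii")  # non-ASCII raises a ValueError subclass
    else:
        host = str(ipaddress.ip_address(raw_addr))
    (port,) = struct.unpack("!H", raw_port)  # network byte order
    return host, port


# Constructed sample requests (not captured traffic).
SAMPLE_DOMAIN = b"\x05\x01\x00\x03\x10intranet.example" + struct.pack("!H", 80)
SAMPLE_IPV4 = b"\x05\x01\x00\x01" + bytes([10, 0, 0, 5]) + struct.pack("!H", 1433)
```

Because each client connection names its own destination this way, a dynamic forwarder can reach anything the SSH server can, whereas the fixed DestHostname / DestPort tunnel reaches one endpoint only.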