Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

connect InputStream / OutputStream before handshake ( ProxyCommand support ) #970

Open
knoxg opened this issue Dec 24, 2024 · 2 comments
Open

connect InputStream / OutputStream before handshake ( ProxyCommand support ) #970

knoxg opened this issue Dec 24, 2024 · 2 comments

Comments

@knoxg
Copy link

knoxg commented Dec 24, 2024
edited
Loading

Hi there.

I'm trying to implement an SSH tunnel that uses AWS SSM ("AWS Systems Manager") commands to communicate with a host. The way this apparently works with an openssh client is to configure a 'ProxyCommand' directive which I believe forks a process and then sends the SSH handshake and data to/from that process instead of a socket. ( AWS docs here: https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started-enable-ssh-connections.html ).

I was looking around the sshj source files looking for a way of doing this, but I can't see if this has been implemented anywhere.

I can see I might be able to connect my own InputStream/OutputStreams by calling SSHClient.connectVia() instead of calling SSHClient.connect(), but the only example I can find is Jump.java here: https://github.com/hierynomus/sshj/blob/master/examples/src/main/java/net/schmizz/sshj/examples/Jump.java
which passes in a DirectConnection, but that class still seems network-oriented rather than stream-oriented.

Is what I'm looking for possible out of the box using sshj or do I have to create a new kind of Channel / Transport / Connection class ?

There is mention of proxy connections in this PR: #756 but this looks like it's referring to SOCKS/HTTP proxies rather than ProxyCommands

I wasn't sure how 'ProxyCommand' was implemented in openssh either... if it helps their implementation is here: https://github.com/openssh/openssh-portable/blob/master/sshconnect.c#L196
which is called from https://github.com/openssh/openssh-portable/blob/master/ssh.c#L1641

The command I need to use in the java equivalent to the openssh ProxyCommand is some AWS-supplied abomination written in go, but for the purposes of the java code is just a process that communicates via stdin/stdout.

Hoping you can give me some tips on what I need to do to get this use-case to work :)

Thanks in advance,
Greg
@knoxg
Copy link
Author

knoxg commented Dec 26, 2024

Got something working with a minimal change to SSHClient, I'll create a PR

knoxg added a commit to knoxg/sshj that referenced this issue Dec 28, 2024
@knoxg
Added SocketClient.connectVia(InputStream, OutputStream) method for P…
fcb336b 
…roxyCommand support (hierynomus#970)
knoxg added a commit to knoxg/sshj that referenced this issue Dec 28, 2024
@knoxg
Added ProxyCommand example (hierynomus#970)
fc8512a
knoxg added a commit to knoxg/sshj that referenced this issue Dec 28, 2024
@knoxg
Comment only (hierynomus#970)
c37ec15
@knoxg
Copy link
Author

knoxg commented Dec 28, 2024

Pull request: #971

knoxg added a commit to knoxg/sshj that referenced this issue Dec 28, 2024
@knoxg
NullPointerException (hierynomus#970)
c6b019e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@knoxg