@indexzero
Last active February 4, 2024 05:47
Thoughts about SSH tunnelling using `ssh2`
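var fs = require('fs');
var path = require('path');
// Declared with `var`: the original assignment followed a `;`, which made
// `Connection` an implicit global (and a ReferenceError under strict mode).
var Connection = require('ssh2');

//
// Command line: node <script> <tunnelHost> <dest> <keyfile>
//   tunnelHost - host the first SSH session connects to (the jump host)
//   dest       - host reached through the jump host
//   keyfile    - path of the private key file used for both sessions
//
var tunnelHost = process.argv[2];
var dest = process.argv[3];
var keyfile = process.argv[4];

// First-hop session; the second hop is created once this one is ready.
var conn = new Connection();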
/**
 * Logs the lifecycle events of an SSH connection object to the console.
 *
 * Listeners are attached for 'connect', 'error', 'end' and 'close'; each one
 * prints a line of the form "<name> :: <event>". The 'error' line also
 * appends the error coerced to a string.
 *
 * @param {Object} obj  Emitter exposing `on(event, listener)`.
 * @param {string} name Label prefixed to every log line.
 */
function logSsh(obj, name) {
  var report = function (suffix) {
    console.log(name + ' :: ' + suffix);
  };

  obj.on('connect', function () {
    report('connect');
  });
  obj.on('error', function (err) {
    report('error :: ' + err);
  });
  obj.on('end', function () {
    report('end');
  });
  obj.on('close', function () {
    report('close');
  });
}
/**
 * Logs everything a channel stream emits and ends the owning connection
 * when the remote side reports an exit status.
 *
 * @param {Object} stream Emitter for 'data', 'end', 'close' and 'exit'.
 * @param {Object} conn   Connection whose `end()` is called on 'exit'.
 * @param {string} name   Label prefixed to every log line.
 */
function logStream(stream, conn, name) {
  stream.on('data', function (data, extended) {
    var label = ' STDOUT: ';
    if (extended === 'stderr') {
      label = ' STDERR: ';
    }
    // NOTE(review): the chunk is string-coerced and printed unmodified. When
    // the stream carries raw protocol bytes or remote-controlled output, the
    // log contains binary/control characters; escape or hex-dump the data if
    // the log is viewed in a terminal.
    console.log(name + label + data);
  });

  stream.on('end', function () {
    console.log(name + ' Stream :: EOF');
  });

  stream.on('close', function () {
    console.log(name + ' Stream :: close');
  });

  stream.on('exit', function (code, signal) {
    var summary = ' Stream :: exit :: code: ' + code + ', signal: ' + signal;
    console.log(name + summary);
    // The exit status is the last thing of interest; shut the session down.
    conn.end();
  });
}
logSsh(conn, 'Connection');

//
// First hop authenticated: open a channel to `dest` through the jump host
// and run a second SSH session over that channel.
//
conn.on('ready', function onJumpHostReady() {
  console.log('Connection :: ready');

  //
  // Remark: Currently doesn't work with either approach.
  //
  // Approach A - run netcat on the jump host and use the exec stream:
  //
  //   conn.exec('nc ' + dest + ' 22', function (err, tunnelStream) {
  //
  // NOTE(review): approach A splices `dest` (taken from process.argv) into a
  // remote shell command unescaped; validate it as a hostname or IP address
  // before enabling that line.
  //
  // Approach B - ask the jump host for an outbound TCP channel to dest:22.
  // In forwardOut(srcIP, srcPort, dstIP, dstPort, cb) the first pair is the
  // originator address reported to the server, the second the real target.
  //
  conn.forwardOut(tunnelHost, 22, dest, 22, function onChannel(err, tunnelStream) {
    if (err) {
      throw err;
    }

    logStream(tunnelStream, conn, 'Connection');

    var tunnel = new Connection();
    logSsh(tunnel, 'Tunnel');

    // NOTE(review): no hostHash/hostVerifier is supplied here or in the
    // conn.connect() call, so neither server's host key is checked; pin both
    // keys before using this beyond an experiment. Both hops also log in as
    // root with the same key file.
    var tunnelOptions = {
      host: dest,
      port: 22,
      username: 'root',
      debug: function (msg) {
        console.log('Tunnel: ' + msg);
      },
      privateKey: fs.readFileSync(keyfile),
      // NOTE(review): released ssh2 versions document this option as `sock`;
      // `stream` presumably matches the API being sketched in this gist.
      // Confirm against the installed version.
      stream: tunnelStream
    };
    tunnel.connect(tunnelOptions);

    tunnel.on('ready', function onTunnelReady() {
      console.log('Tunnel :: ready');
      tunnel.exec('ls -la /root', function onExec(execErr, stream) {
        if (execErr) {
          throw execErr;
        }
        logStream(stream, tunnel, 'Tunnel');
      });
    });
  });
});

// Start the first hop: key-based login to the jump host.
var jumpOptions = {
  host: tunnelHost,
  port: 22,
  username: 'root',
  debug: function (msg) {
    console.log('Connection: ' + msg);
  },
  privateKey: fs.readFileSync(keyfile)
};
conn.connect(jumpOptions);
@indexzero
Author

Current output (Both tunnel.dest and dest.host are SmartOS machines)

Connection :: connect
Connection: DEBUG: Parser: STATE_INIT
Connection: DEBUG: Parser: STATE_GREETING
Connection: DEBUG: Parser: STATE_HEADER
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 2376
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: KEXINIT
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Connection: Sent KEXINIT
Connection: DEBUG: Connection: Sent KEXDH_INIT
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 696
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: KEXDH_REPLY
Connection: DEBUG: Connection: Sent NEWKEYS
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 8
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: NEWKEYS
Connection: DEBUG: Connection: Sent SERVICE_REQUEST
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 24
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: SERVICE_ACCEPT
Connection: DEBUG: Connection: Sent USERAUTH_REQUEST (publickey -- check)
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 296
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: undefined
Connection: DEBUG: Connection: Sent USERAUTH_REQUEST (publickey)
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 8
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: USERAUTH_SUCCESS
Connection :: ready
Connection: DEBUG: Connection: Sent CHANNEL_OPEN
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 24
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: CHANNEL_OPEN_CONFIRMATION
Connection: DEBUG: Channel: Sent CHANNEL_REQUEST (exec)
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 16
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: CHANNEL_WINDOW_ADJUST
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 8
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: CHANNEL_SUCCESS
Tunnel :: connect
Connection: DEBUG: Channel: Sent CHANNEL_DATA
Tunnel: DEBUG: Connection: Sent CHANNEL_OPEN
Connection: DEBUG: Channel: Sent CHANNEL_DATA
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 32
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: CHANNEL_DATA
Connection STDOUT: SSH-2.0-Sun_SSH_1.5

Tunnel: DEBUG: Parser: STATE_INIT
Tunnel: DEBUG: Parser: STATE_GREETING
Tunnel: DEBUG: Parser: STATE_HEADER
Tunnel: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 2400
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: CHANNEL_DATA
Connection STDOUT:  L
E�E�
    ���$�^N��&nfgss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1ssh-rsa,ssh-dss>aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour>aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour+hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96+hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96 none,zlib   none,zlib�af-ZA,ar-AE,ar-BH,ar-DZ,ar-EG,ar-IQ,ar-JO,ar-KW,ar-LB,ar-LY,ar-MA,ar-OM,ar-QA,ar-SA,ar-TN,ar-YE,as-IN,az-AZ,be-BY,bg-BG,bn-BD,bn-IN,bo-CN,bo-IN,bs-BA,ca-ES,cs-CZ,da-DK,de-AT,de-BE,de-CH,de-DE,de-LI,de-LU,el-CY,el-GR,en-AU,en-BW,en-BZ,en-CA,en-GB,en-HK,en-IE,en-IN,en-JM,en-MH,en-MT,en-NA,en-NZ,en-PH,en-PK,en-SG,en-TT,en-US,en-ZA,en-ZW,es-AR,es-BO,es-CL,es-CO,es-CR,es-DO,es-EC,es-ES,es-GQ,es-GT,es-HN,es-MX,es-NI,es-PA,es-PE,es-PR,es-PY,es-SV,es-US,es-UY,es-VE,et-EE,fi-FI,fr-BE,fr-CA,fr-CF,fr-CH,fr-FR,fr-GN,fr-LU,fr-MC,fr-MG,fr-ML,fr-NE,fr-SN,ga-IE,gu-IN,he-IL,hi-IN,hr-HR,hu-HU,hy-AM,id-ID,ii-CN,is-IS,it-CH,it-IT,ja-JP,ka-GE,kk-KZ,km-KH,kn-IN,ko-KR,lt-LT,lv-LV,mk-MK,ml-IN,mn-CN,mn-MN,mr-IN,ms-MY,mt-MT,nb-NO,ne-IN,ne-NP,nl-BE,nl-NL,nn-NO,or-IN,pa-IN,pa-PK,pl-PL,pt-BR,pt-GW,pt-MZ,pt-PT,ro-MD,ro-RO,ru-MD,ru-RU,ru-UA,sa-IN,si-LK,sk-SK,sl-SI,sq-AL,sr-BA,sr-ME,sr-RS,sv-FI,sv-SE,ta-IN,ta-LK,te-IN,th-TH,tr-TR,ug-CN,uk-UA,ur-IN,ur-PK,vi-VN,zh-CN,zh-HK,zh-MO,zh-SG,i-default,zh-TW�af-ZA,ar-AE,ar-BH,ar-DZ,ar-EG,ar-IQ,ar-JO,ar-KW,ar-LB,ar-LY,ar-MA,ar-OM,ar-QA,ar-SA,ar-TN,ar-YE,as-IN,az-AZ,be-BY,bg-BG,bn-BD,bn-IN,bo-CN,bo-IN,bs-BA,ca-ES,cs-CZ,da-DK,de-AT,de-BE,de-CH,de-DE,de-LI,de-LU,el-CY,el-GR,en-AU,en-BW,en-BZ,en-CA,en-GB,en-HK,en-IE,en-IN,en-JM,en-MH,en-MT,en-NA,en-NZ,en-PH,en-PK,en-SG,en-TT,en-US,en-ZA,en-ZW,es-AR,es-BO,es-CL,es-CO,es-CR,es-DO,es-EC,es-ES,es-GQ,es-GT,es-HN,es-MX,es-NI,es-PA,es-PE,es-PR,es-PY,es-SV,es-US,es-UY,es-VE,et-EE,fi-FI,fr-BE,fr-CA,fr-CF,fr-CH,fr-FR,fr-GN,fr-LU,fr-MC,fr-MG,fr-ML,fr-NE,fr-SN,ga-IE,gu-IN,he-IL,hi-IN,hr-HR,hu-HU,hy-AM,id-ID,ii-CN,is-IS,it-CH,it-IT,ja-JP,ka-GE,kk-KZ,km-KH,kn-IN,
ko-KR,lt-LT,lv-LV,mk-MK,ml-IN,mn-CN,mn-MN,mr-IN,ms-MY,mt-MT,nb-NO,ne-IN,ne-NP,nl-BE,nl-NL,nn-NO,or-IN,pa-IN,pa-PK,pl-PL,pt-BR,pt-GW,pt-MZ,pt-PT,ro-MD,ro-RO,ru-MD,ru-RU,ru-UA,sa-IN,si-LK,sk-SK,sl-SI,sq-AL,sr-BA,sr-ME,sr-RS,sv-FI,sv-SE,ta-IN,ta-LK,te-IN,th-TH,tr-TR,ug-CN,uk-UA,ur-IN,ur-PK,vi-VN,zh-CN,zh-HK,zh-MO,zh-SG,i-default,zh-TW
Tunnel: DEBUG: Parser: STATE_PACKET
Tunnel: DEBUG: Parser: remainLen === 2376
Tunnel: DEBUG: Parser: STATE_PACKETDATA
Tunnel: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: KEXINIT
Tunnel: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Tunnel: DEBUG: Connection: Sent KEXINIT
Connection: DEBUG: Channel: Sent CHANNEL_DATA
Tunnel: DEBUG: Connection: Sent KEXDH_INIT
Connection: DEBUG: Channel: Sent CHANNEL_DATA
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 72
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: CHANNEL_DATA
Connection STDOUT: 4
protocol error: rcvd type 90
Tunnel: DEBUG: Parser: STATE_PACKET
Tunnel: DEBUG: Parser: remainLen === 48
Tunnel: DEBUG: Parser: STATE_PACKETDATA
Tunnel: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: DISCONNECT
Tunnel :: error :: Error: Disconnected by host (PROTOCOL_ERROR): protocol error: rcvd type 90
Connection: DEBUG: Channel: Sent EOF
Connection: DEBUG: Channel: Sent CLOSE
Tunnel: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 8
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: CHANNEL_EOF
Connection Stream :: EOF
Tunnel :: end
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 32
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: CHANNEL_REQUEST
Connection Stream :: exit :: code: 0, signal: undefined
Connection: DEBUG: Connection: Sent DISCONNECT
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection: DEBUG: Parser: STATE_PACKET
Connection: DEBUG: Parser: remainLen === 8
Connection: DEBUG: Parser: STATE_PACKETDATA
Connection: DEBUG: Parser: hmacSize === 16
Connection: DEBUG: Parser: STATE_PACKETDATAVERIFY
Connection: DEBUG: Parser: STATE_PACKETDATAAFTER, packet: CHANNEL_CLOSE
Connection Stream :: close
Tunnel :: close
Connection: DEBUG: Parser: STATE_PACKETBEFORE (expecting 8)
Connection :: close
