I used to create a SOCKS connection between a windows client and linux server using SSH server and putty. However, the firewall between the client and server is now able to identify SSH packets and drop them.
I was wondering if I can emulate such behavior of SSH tunnels using python? Any recommendations on libraries or readings?
Thanks in advance.
Yes, yes you can. Pick your poison.
http://socksipy.sourceforge.net/
http://sourceforge.net/projects/pysocks/
http://code.google.com/p/socksipy-branch/
How can I use a SOCKS 4/5 proxy with urllib2?
http://google-api-python-client.googlecode.com/hg/docs/httplib2.socks.html
You can consider using paramiko for your SSH. Here is a nice link ssh-programming-with-paramiko
You can also try this ssh module which uses paramiko.
Related
At [TO_PORT] on the server [TO_ADDRESS] is something I would like to connect with (Theia IDE). Using Linux I can simply do: ssh -L [FROM_PORT]:localhost:[TO_PORT] [TO_ADDRESS]. Now I can access the Theia IDE using localhost:[FROM_PORT].
When researching how to do port forwarding in a python program I found many solutions and all looked quite bulky. Why do people implement their own port forwarding and not use the ssh command?
I'm being trying to
Log into a server using SHH (with Paramiko)
Use that connection like a proxy and route network traffic through it and out to the internet. So say I could set it as my proxy in Urllib2, Mechanize, Firefox, etc.).
Is the second part possible or will I have to have some sort of proxy server running on the server to get this to work?
You could implement a SOCKS proxy in the paramiko client that routes connections across the SSH tunnel via paramiko's open_channel method. Unfortunately, I don't know of any out-of-the-box solution that does this, so you'd have to roll your own. Alternatively, run a SOCKS server on the server, and just forward that single port via paramiko.
I have try to implement it using paramiko. But I find paramiko can only launch a tunnel redirecting localhost:lport to remoteip:rport just like 'ssh -L'.
So I want to know how can I implement it using paramiko or use other library.
Thanks for your help.
Unlike the -L or -R options which forward specific ports, ssh -D establishes a SOCKS proxy for application-level port forwarding.
Assuming that's what you want, then according to this answer, there are several Python modules which implements SOCKS clients/proxies, e.g. PySocks and SocksiPy. Unfortunately, I have never explored any of these options and cannot vouch for any of them.
I was wondering, I want to create a SSH server and a client with custom commands.
I thought of using Twisted for it, but I did not go well with the docs.
I decided to use Paramiko, but I wonder, is there any way to create a Paramiko server? Or only client?
Another question, let's say you can only create a client, can I create the client in Paramiko and the server using the socket module and connect to it? Is this possible?
If so, any advice?
Thanks in advance
Yes, Paramiko can be used both as an SSH client and server; see paramiko.Transport.start_server to get started.
If you go back and revisit Twisted, twisted.conch also implements SSH.
I have a SOCKS proxy setup to a gateway server which is created by setting up a host definition in my ssh_config to use DynamicForward localhost:9876. To connect with SSH to the remote server I've setup another host definition to use ProxyCommand /usr/bin/nc -x localhost:9876 %h %p which is all working fine.
However my fabric script needs to connect to that remote server. How can I tell it to use the SOCKS proxy when it connects?
Tunnelling is now (March 2013) supported by Fabric natively: see the discussion leading to the changes in code and the commit message with a bit of rationale.
Fabric's SSH layer does not support gateways or proxies at the moment but they "may end up patching/forking it sometime to add that functionality." (from here).
There's also an outstanding issue on Fabric to implement tunneling.
This blog post suggests overriding the run function.
You can use tsocks and the OpenSSH client's built-in support for creating SOCKS tunnels. It requires a bit of configuration but it works fine. Below is how I got started on Ubuntu 10.04.
# Install the tsocks library and shell script.
sudo apt-get install tsocks
# Configure the range of IP addresses you need access to.
sudo nano /etc/tsocks.conf
# Use the OpenSSH client to create a socks proxy (stepping
# stones are hosts used to gain access to private subnets).
ssh -D 1080 stepping.stone
# Now connect to any given address in your configured range.
# tsocks will intercept the connection and route it using
# the SOCKS proxy we created with the previous command.
tsocks ssh 1.2.3.4
The fact that Fabric doesn't work without a VPN connection was a deal breaker for me, so this is a great solution; all it requires is SSH access to one host.
on Fabric (1.12.0)(doc):
env.use_ssh_config = True