PerlMonks
Port Forwarding with Net::SSH::Expect
by jrsimmon (Hermit) on Dec 21, 2007 at 17:06 UTC ( [id://658481]=perlquestion )
jrsimmon has asked for the wisdom of the Perl Monks concerning the following question:
Venerable Monks- I have two networks totally isolated from each other, except by a "jump-box" that will pass through ssh connections. In order to accomplish a bit more, I've used the port forwarding feature of ssh to create ports on my local machine that will connect me directly to various other ports on the other network. This all works fine when I take the time to enter all the commands manually. That said, I do this enough that I'd like to automate it (and learn a little in the process). Net::SSH::Expect seems to be the perfect utility and, in fact, it connects through the jump box to the remote box with no issues. However, the local port that should allow other applications to tunnel through just doesn't get created. I am using cygwin and perl 5.8.8 with the latest versions of Net::SSH, Expect, and Net::SSH::Expect. Here's the gist of what I'm doing, trimmed down a bit for brevity:
Any suggestions will be much appreciated! Read on for a more in-depth explanation...
Ok, so it's a little more complicated than shown above, but this code does show the problem. The "jump box" is actually a double jump--so what is actually required is the following:

ssh to box1
login
box1 automatically initiates a ssh connection to box2
login to box2
box2 automatically initiates a ssh connection to box3
login to box3.

And, as I said, I am able to step through all of this with Net::SSH::Expect, no issues. However, the local port I set up to forward traffic through localhost to box3 and beyond just doesn't seem to get created. When doing this manually, these are the commands I enter:

    ssh -L 4100:box2:22 user@box1
    ssh -p 4100 -L 4101:box3:22 user@localhost
    ssh -p 4101 -L some_port:box_with_that_service:the_same_port user@localhost

So the first ssh connection requires 3 logins (box 1, 2, and 3). The second requires 2 (boxes 2 and 3) and the third only requires 1 (box 3). At that point whichever port I've forwarded with the last ssh should be available for tunneling. The localhost stuff is required so the applications I'm tunneling can do the ip validations that they want to do...I just have that set up in my hosts file--it looks funny, but it works just fine. And then I can tunnel through to the remote box to my heart's desire.

Why doesn't this work with Net::SSH::Expect?