PowerShell
PowerShell
SSH Tunnel Inside another SSH Tunnel
See more SSH Tunnel Examples
Demonstrates how to create a TCP/IP socket connection through an SSH tunnel that is dynamic port forwarded through another SSH tunnel.Chilkat PowerShell Downloads
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
$success = $false
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
$tunnel = New-Object Chilkat.SshTunnel
$sshHostname = "www.ssh-serverA.com"
$sshPort = 22
# Connect to an SSH server and establish the SSH tunnel:
$success = $tunnel.Connect($sshHostname,$sshPort)
if ($success -eq $false) {
$($tunnel.LastErrorText)
exit
}
# Authenticate with the SSH server via a login/password
# or with a public key.
# This example demonstrates SSH password authentication.
$success = $tunnel.AuthenticatePw("mySshLogin","mySshPassword")
if ($success -eq $false) {
$($tunnel.LastErrorText)
exit
}
# Indicate that the background SSH tunnel thread will behave as a SOCKS proxy server
# with dynamic port forwarding:
$tunnel.DynamicPortForwarding = $true
# We may optionally require that connecting clients authenticate with our SOCKS proxy server.
# To do this, set an inbound username/password. Any connecting clients would be required to
# use SOCKS5 with the correct username/password.
# If no inbound username/password is set, then our SOCKS proxy server will accept both
# SOCKS4 and SOCKS5 unauthenticated connections.
$tunnel.InboundSocksUsername = "chilkat123"
$tunnel.InboundSocksPassword = "password123"
# Start the listen/accept thread to begin accepting SOCKS proxy client connections.
# Listen on port 1080.
$success = $tunnel.BeginAccepting(1080)
if ($success -eq $false) {
$($tunnel.LastErrorText)
exit
}
# Now that a background thread is running a SOCKS proxy server that forwards connections
# through an SSH tunnel, it is possible to use any Chilkat implemented protocol that is SOCKS capable,
# such as HTTP, POP3, SMTP, IMAP, FTP, Socket, etc. The protocol may use SSL/TLS because the SSL/TLS
# will be passed through the SSH tunnel to the end-destination. Also, any number of simultaneous
# connections may be routed through the SSH tunnel.
$tunnelB = New-Object Chilkat.Socket
# Indicate that the socket object is to use our portable SOCKS proxy/SSH tunnel running in our background thread.
$tunnelB.SocksHostname = "localhost"
$tunnelB.SocksPort = 1080
$tunnelB.SocksVersion = 5
$tunnelB.SocksUsername = "chilkat123"
$tunnelB.SocksPassword = "password123"
# Open a new SSH tunnel through the existing tunnel (via what we treat as a SOCKS5 proxy,
# but it is actually a dynamic port-forwarded SSH tunnel).
$success = $tunnelB.SshOpenTunnel("www.ssh-serverB.com",22)
if ($success -eq $false) {
$($tunnelB.LastErrorText)
exit
}
# Authenticate with ssh-serverB.com
$success = $tunnelB.SshAuthenticatePw("uname","pwd")
if ($success -eq $false) {
$($tunnelB.LastErrorText)
exit
}
# OK, the SSH tunnel (within a tunnel) is setup. Now open a channel within the tunnel.
# Once the channel is obtained, the Socket API may
# be used exactly the same as usual, except all communications
# are sent through the channel in the SSH tunnel.
# Any number of channels may be created from the same SSH tunnel.
# Multiple channels may coexist at the same time.
# Connect to an NIST time server and read the current date/time
$channel = New-Object Chilkat.Socket
$maxWaitMs = 4000
$useTls = $false
$success = $tunnelB.SshNewChannel("time-c.nist.gov",37,$useTls,$maxWaitMs,$channel)
if ($success -eq $false) {
$($tunnelB.LastErrorText)
exit
}
# The time server will send a big-endian 32-bit integer representing
# the number of seconds since since 00:00 (midnight) 1 January 1900 GMT.
# The ReceiveInt32 method will receive a 4-byte integer, but returns
# $true or $false to indicate success. If successful, the integer
# is obtained via the ReceivedInt property.
$bigEndian = $true
$success = $channel.ReceiveInt32($bigEndian)
if ($success -eq $false) {
$($channel.LastErrorText)
exit
}
$dt = New-Object Chilkat.CkDateTime
$dt.SetFromNtpTime($channel.ReceivedInt)
# Show the current local date/time
$bLocalTime = $true
$("Current local date/time: " + $dt.GetAsRfc822($bLocalTime))
# Close the SSH channel.
$success = $channel.Close($maxWaitMs)
if ($success -eq $false) {
$($channel.LastErrorText)
exit
}
# Stop the background listen/accept thread:
$waitForThreadExit = $true
$success = $tunnel.StopAccepting($waitForThreadExit)
if ($success -eq $false) {
$($tunnel.LastErrorText)
exit
}
# Close the SSH tunnel (would also kick any remaining connected clients).
$success = $tunnel.CloseTunnel($waitForThreadExit)
if ($success -eq $false) {
$($tunnel.LastErrorText)
exit
}