Tcl
Tcl
SSH Tunnel with Dynamic Port Forwarding
See more SSH Examples
Demonstrates how to start a background thread that runs a portable SSH tunnel w/ dynamic port forwarding that the foreground thread can use for establishing connections through an SSH tunnel.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
set success 0
set tunnel [new_CkSshTunnel]
set sshHostname "sftp.example.com"
set sshPort 22
# Connect to an SSH server and establish the SSH tunnel:
set success [CkSshTunnel_Connect $tunnel $sshHostname $sshPort]
if {$success != 1} then {
puts [CkSshTunnel_lastErrorText $tunnel]
delete_CkSshTunnel $tunnel
exit
}
# Authenticate with the SSH server via a login/password
# or with a public key.
# This example demonstrates SSH password authentication.
set success [CkSshTunnel_AuthenticatePw $tunnel "mySshLogin" "mySshPassword"]
if {$success != 1} then {
puts [CkSshTunnel_lastErrorText $tunnel]
delete_CkSshTunnel $tunnel
exit
}
# Indicate that the background SSH tunnel thread will behave as a SOCKS proxy server
# with dynamic port forwarding:
CkSshTunnel_put_DynamicPortForwarding $tunnel 1
# We may optionally require that connecting clients authenticate with our SOCKS proxy server.
# To do this, set an inbound username/password. Any connecting clients would be required to
# use SOCKS5 with the correct username/password.
# If no inbound username/password is set, then our SOCKS proxy server will accept both
# SOCKS4 and SOCKS5 unauthenticated connections.
CkSshTunnel_put_InboundSocksUsername $tunnel "chilkat123"
CkSshTunnel_put_InboundSocksPassword $tunnel "password123"
# Start the listen/accept thread to begin accepting SOCKS proxy client connections.
# Listen on port 1080.
set success [CkSshTunnel_BeginAccepting $tunnel 1080]
if {$success != 1} then {
puts [CkSshTunnel_lastErrorText $tunnel]
delete_CkSshTunnel $tunnel
exit
}
# Now that a background thread is running a SOCKS proxy server that forwards connections
# through an SSH tunnel, it is possible to use any Chilkat implemented protocol that is SOCKS capable,
# such as HTTP, POP3, SMTP, IMAP, FTP, etc. The protocol may use SSL/TLS because the SSL/TLS
# will be passed through the SSH tunnel to the end-destination. Also, any number of simultaneous
# connections may be routed through the SSH tunnel.
# For this example, let's do a simple HTTPS request:
set url "https://www.ethereum.org/"
set http [new_CkHttp]
# Indicate that the HTTP object is to use our portable SOCKS proxy/SSH tunnel running in our background thread.
CkHttp_put_SocksHostname $http "localhost"
CkHttp_put_SocksPort $http 1080
CkHttp_put_SocksVersion $http 5
CkHttp_put_SocksUsername $http "chilkat123"
CkHttp_put_SocksPassword $http "password123"
CkHttp_put_SendCookies $http 1
CkHttp_put_SaveCookies $http 1
CkHttp_put_CookieDir $http "memory"
# Do the HTTPS page fetch (through the SSH tunnel)
set html [CkHttp_quickGetStr $http $url]
if {[CkHttp_get_LastMethodSuccess $http] != 1} then {
puts [CkHttp_lastErrorText $http]
delete_CkSshTunnel $tunnel
delete_CkHttp $http
exit
}
# Stop the background listen/accept thread:
set waitForThreadExit 1
set success [CkSshTunnel_StopAccepting $tunnel $waitForThreadExit]
if {$success != 1} then {
puts [CkSshTunnel_lastErrorText $tunnel]
delete_CkSshTunnel $tunnel
delete_CkHttp $http
exit
}
# Close the SSH tunnel (would also kick any remaining connected clients).
set success [CkSshTunnel_CloseTunnel $tunnel $waitForThreadExit]
if {$success != 1} then {
puts [CkSshTunnel_lastErrorText $tunnel]
delete_CkSshTunnel $tunnel
delete_CkHttp $http
exit
}
delete_CkSshTunnel $tunnel
delete_CkHttp $http