Sample code for 30+ languages & platforms
Unicode C

SSH Tunnel Inside another SSH Tunnel

See more SSH Tunnel Examples

Demonstrates how to create a TCP/IP socket connection through an SSH tunnel that is dynamic port forwarded through another SSH tunnel.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkSshTunnelW.h>
#include <C_CkSocketW.h>
#include <C_CkDateTimeW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkSshTunnelW tunnel;
    const wchar_t *sshHostname;
    int sshPort;
    HCkSocketW tunnelB;
    HCkSocketW channel;
    int maxWaitMs;
    BOOL useTls;
    BOOL bigEndian;
    HCkDateTimeW dt;
    BOOL bLocalTime;
    BOOL waitForThreadExit;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    tunnel = CkSshTunnelW_Create();

    sshHostname = L"www.ssh-serverA.com";
    sshPort = 22;

    // Connect to an SSH server and establish the SSH tunnel:
    success = CkSshTunnelW_Connect(tunnel,sshHostname,sshPort);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSshTunnelW_lastErrorText(tunnel));
        CkSshTunnelW_Dispose(tunnel);
        return;
    }

    // Authenticate with the SSH server via a login/password
    // or with a public key.  
    // This example demonstrates SSH password authentication.
    success = CkSshTunnelW_AuthenticatePw(tunnel,L"mySshLogin",L"mySshPassword");
    if (success == FALSE) {
        wprintf(L"%s\n",CkSshTunnelW_lastErrorText(tunnel));
        CkSshTunnelW_Dispose(tunnel);
        return;
    }

    // Indicate that the background SSH tunnel thread will behave as a SOCKS proxy server
    // with dynamic port forwarding:
    CkSshTunnelW_putDynamicPortForwarding(tunnel,TRUE);

    // We may optionally require that connecting clients authenticate with our SOCKS proxy server.
    // To do this, set an inbound username/password.  Any connecting clients would be required to 
    // use SOCKS5 with the correct username/password.
    // If no inbound username/password is set, then our SOCKS proxy server will accept both
    // SOCKS4 and SOCKS5 unauthenticated connections.

    CkSshTunnelW_putInboundSocksUsername(tunnel,L"chilkat123");
    CkSshTunnelW_putInboundSocksPassword(tunnel,L"password123");

    // Start the listen/accept thread to begin accepting SOCKS proxy client connections.
    // Listen on port 1080.
    success = CkSshTunnelW_BeginAccepting(tunnel,1080);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSshTunnelW_lastErrorText(tunnel));
        CkSshTunnelW_Dispose(tunnel);
        return;
    }

    // Now that a background thread is running a SOCKS proxy server that forwards connections
    // through an SSH tunnel, it is possible to use any Chilkat implemented protocol that is SOCKS capable,
    // such as HTTP, POP3, SMTP, IMAP, FTP, Socket, etc.  The protocol may use SSL/TLS because the SSL/TLS
    // will be passed through the SSH tunnel to the end-destination.  Also, any number of simultaneous
    // connections may be routed through the SSH tunnel.

    tunnelB = CkSocketW_Create();

    // Indicate that the socket object is to use our portable SOCKS proxy/SSH tunnel running in our background thread.
    CkSocketW_putSocksHostname(tunnelB,L"localhost");
    CkSocketW_putSocksPort(tunnelB,1080);
    CkSocketW_putSocksVersion(tunnelB,5);
    CkSocketW_putSocksUsername(tunnelB,L"chilkat123");
    CkSocketW_putSocksPassword(tunnelB,L"password123");

    // Open a new SSH tunnel through the existing tunnel (via what we treat as a SOCKS5 proxy,
    // but it is actually a dynamic port-forwarded SSH tunnel).
    success = CkSocketW_SshOpenTunnel(tunnelB,L"www.ssh-serverB.com",22);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(tunnelB));
        CkSshTunnelW_Dispose(tunnel);
        CkSocketW_Dispose(tunnelB);
        return;
    }

    // Authenticate with ssh-serverB.com
    success = CkSocketW_SshAuthenticatePw(tunnelB,L"uname",L"pwd");
    if (success == FALSE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(tunnelB));
        CkSshTunnelW_Dispose(tunnel);
        CkSocketW_Dispose(tunnelB);
        return;
    }

    // OK, the SSH tunnel (within a tunnel) is setup.  Now open a channel within the tunnel.
    // Once the channel is obtained, the Socket API may
    // be used exactly the same as usual, except all communications
    // are sent through the channel in the SSH tunnel.
    // Any number of channels may be created from the same SSH tunnel.
    // Multiple channels may coexist at the same time.

    // Connect to an NIST time server and read the current date/time
    channel = CkSocketW_Create();
    maxWaitMs = 4000;
    useTls = FALSE;
    success = CkSocketW_SshNewChannel(tunnelB,L"time-c.nist.gov",37,useTls,maxWaitMs,channel);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(tunnelB));
        CkSshTunnelW_Dispose(tunnel);
        CkSocketW_Dispose(tunnelB);
        CkSocketW_Dispose(channel);
        return;
    }

    // The time server will send a big-endian 32-bit integer representing
    // the number of seconds since since 00:00 (midnight) 1 January 1900 GMT.
    // The ReceiveInt32 method will receive a 4-byte integer, but returns
    // TRUE or FALSE to indicate success.  If successful, the integer
    // is obtained via the ReceivedInt property.
    bigEndian = TRUE;
    success = CkSocketW_ReceiveInt32(channel,bigEndian);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(channel));
        CkSshTunnelW_Dispose(tunnel);
        CkSocketW_Dispose(tunnelB);
        CkSocketW_Dispose(channel);
        return;
    }

    dt = CkDateTimeW_Create();
    CkDateTimeW_SetFromNtpTime(dt,CkSocketW_getReceivedInt(channel));

    // Show the current local date/time
    bLocalTime = TRUE;
    wprintf(L"Current local date/time: %s\n",CkDateTimeW_getAsRfc822(dt,bLocalTime));

    // Close the SSH channel.
    success = CkSocketW_Close(channel,maxWaitMs);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSocketW_lastErrorText(channel));
        CkSshTunnelW_Dispose(tunnel);
        CkSocketW_Dispose(tunnelB);
        CkSocketW_Dispose(channel);
        CkDateTimeW_Dispose(dt);
        return;
    }

    // Stop the background listen/accept thread:
    waitForThreadExit = TRUE;
    success = CkSshTunnelW_StopAccepting(tunnel,waitForThreadExit);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSshTunnelW_lastErrorText(tunnel));
        CkSshTunnelW_Dispose(tunnel);
        CkSocketW_Dispose(tunnelB);
        CkSocketW_Dispose(channel);
        CkDateTimeW_Dispose(dt);
        return;
    }

    // Close the SSH tunnel (would also kick any remaining connected clients).
    success = CkSshTunnelW_CloseTunnel(tunnel,waitForThreadExit);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSshTunnelW_lastErrorText(tunnel));
        CkSshTunnelW_Dispose(tunnel);
        CkSocketW_Dispose(tunnelB);
        CkSocketW_Dispose(channel);
        CkDateTimeW_Dispose(dt);
        return;
    }



    CkSshTunnelW_Dispose(tunnel);
    CkSocketW_Dispose(tunnelB);
    CkSocketW_Dispose(channel);
    CkDateTimeW_Dispose(dt);

    }