You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Dingjun d7abfb0d26 remove obfsucation, use tls instead 7 years ago
obfscp remove obfsucation, use tls instead 7 years ago
obfssh remove obfsucation, use tls instead 7 years ago
obfsshd remove obfsucation, use tls instead 7 years ago
.gitignore server: add sftp support 8 years ago
LICENSE first version 8 years ago
README.md remove obfsucation, use tls instead 7 years ago
client.go remove obfsucation, use tls instead 7 years ago
conf.go remove obfsucation, use tls instead 7 years ago
conn.go remove obfsucation, use tls instead 7 years ago
conn_test.go remove obfsucation, use tls instead 7 years ago
doc.go remove obfsucation, use tls instead 7 years ago
redir.go add transparent proxy support 8 years ago
redir_iptables.go add getOriginDst of cgo 8 years ago
redir_iptables_2.go fix build error 8 years ago
server.go remove obfsucation, use tls instead 7 years ago
util.go handle panic 8 years ago

README.md

obfssh

obfssh is wrapper for golang.org/x/crypto/ssh protocol, add support for listen or connect ssh via TLS

server usage example

import "github.com/fangdingjun/obfssh"
import "golang.org/x/crypto/ssh"


config := &ssh.ServerConfig{
	// add ssh server configure here
	// for example auth method, cipher, MAC
	...
}

var l net.Listener
var err error
if useTLS{
    cert, err := tls.LoadX509KeyPair(certFile, keyFile)
    l, err = tls.Listen("tcp", ":2022", &tls.Config{
        Certificates: []tls.Certificate{cert},
}else{
    l, err = net.Listen(":2022")
}
c, err := l.Accept()

sc, err := obfssh.NewServer(c, config, &obfssh.Conf{})

sc.Run()

client usage example

import "github.com/fangdingjun/obfssh"
import "golang.org/x/crypto/ssh"

addr := "localhost:2022"

config := ssh.ClientConfig{
	// add ssh client config here
	// for example auth method
	...
}

var c net.Conn
var err error 
if useTLS{
    c, err = tls.Dial("tcp", addr, &tls.Config{
        ServerName: "localhost",
        InsecureSkipVerify: true,
    }
}else{
    c, err = net.Dial("tcp", addr)
}

// create connection
client, err := obfssh.NewClient(c, config, addr, &obfssh.Conf{})

// local to remote port forward
client.AddLocalForward(":2234:10.0.0.1:3221")

// remote to local port forward
client.AddRemoteForward(":2234:10.2.0.1:3221")

// dynamic port forward
client.AddDynamicForward(":4321")

// wait to be done
client.Run()

limitions

now, the server side only implements the port forward function, start shell or execute a command is not suppurted

License

GPLv3, see LICENSE file details