fangdingjun d91bc0bcf6 add dynamic http forward through secure channel
like dynamic forward, but this accepts incoming HTTP requests,
not socks5.
The destination is determined by the http request; the request is forwarded
through the ssh secure channel.
7 years ago
obfscp update README 7 years ago
obfssh add dynamic http forward through secure channel 7 years ago
obfsshd update README 7 years ago
.gitignore server: add sftp support 8 years ago
LICENSE first version 8 years ago
README.md update sample code 7 years ago
client.go add dynamic http forward through secure channel 7 years ago
conf.go remove obfsucation, use tls instead 7 years ago
conn.go use dialer on package obfssh 7 years ago
conn_test.go add dynamic http forward through secure channel 7 years ago
doc.go update doc 7 years ago
redir.go add transparent proxy support 8 years ago
redir_iptables.go add getOriginDst of cgo 8 years ago
redir_iptables_2.go fix build error 8 years ago
server.go add dynamic http forward through secure channel 7 years ago
util.go handle panic 8 years ago

README.md

obfssh

obfssh is a wrapper around golang.org/x/crypto/ssh that adds support for listening for and connecting to SSH over TLS.

server usage example

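import (
	"crypto/tls"
	"log"
	"net"

	"github.com/fangdingjun/obfssh"
	"golang.org/x/crypto/ssh"
)

config := &ssh.ServerConfig{
	// add ssh server configuration here,
	// for example auth method, cipher, MAC
	...
}

// useTLS, certFile and keyFile are supplied by the caller
var l net.Listener
var err error
if useTLS {
	// load the server certificate and listen for TLS connections
	var cert tls.Certificate
	cert, err = tls.LoadX509KeyPair(certFile, keyFile)
	if err != nil {
		log.Fatal(err)
	}
	l, err = tls.Listen("tcp", ":2022", &tls.Config{
		Certificates: []tls.Certificate{cert},
	})
} else {
	// plain TCP listener
	l, err = net.Listen("tcp", ":2022")
}
if err != nil {
	log.Fatal(err)
}

defer l.Close()

for {
	c, err := l.Accept()
	if err != nil {
		log.Println(err)
		continue
	}
	go func(c net.Conn) {
		defer c.Close()
		// run the ssh handshake and serve this connection
		sc, err := obfssh.NewServer(c, config, &obfssh.Conf{})
		if err != nil {
			log.Println(err)
			return
		}
		sc.Run()
	}(c)
}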

client usage example

import (
	"crypto/tls"
	"log"
	"net"

	"github.com/fangdingjun/obfssh"
	"golang.org/x/crypto/ssh"
)

addr := "localhost:2022"

config := &ssh.ClientConfig{
	// add ssh client config here
	// for example auth method
	...
}

// useTLS is supplied by the caller
var c net.Conn
var err error
if useTLS {
	c, err = tls.Dial("tcp", addr, &tls.Config{
		ServerName: "localhost",
		// InsecureSkipVerify turns off certificate verification, so any
		// server certificate is accepted; use it for local testing only
		InsecureSkipVerify: true,
	})
} else {
	c, err = net.Dial("tcp", addr)
}
if err != nil {
	log.Fatal(err)
}

// create the ssh client on top of the connection
client, err := obfssh.NewClient(c, config, addr, &obfssh.Conf{})
if err != nil {
	log.Fatal(err)
}

// local to remote port forward
client.AddLocalForward(":2234:10.0.0.1:3221")

// remote to local port forward
client.AddRemoteForward(":2234:10.2.0.1:3221")

// dynamic port forward
client.AddDynamicForward(":4321")

// wait to be done
client.Run()
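
The client example above dials with InsecureSkipVerify: true, so the TLS layer accepts whatever certificate the peer presents. The following is an added example, not code from obfssh or its README: it builds a tls.Config that trusts only one known server certificate and checks it against a throwaway self-signed certificate generated in memory. The helper names selfSigned, pinnedConfig and handshake are assumptions made for this example, and it uses only the Go standard library.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"math/big"
	"time"
)

// selfSigned returns a throwaway "localhost" certificate (constructed test data).
func selfSigned() tls.Certificate {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"localhost"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		panic(err)
	}
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: priv, Leaf: leaf}
}

// pinnedConfig trusts exactly one certificate instead of setting InsecureSkipVerify.
func pinnedConfig(trusted *x509.Certificate) *tls.Config {
	pool := x509.NewCertPool()
	pool.AddCert(trusted)
	return &tls.Config{ServerName: "localhost", RootCAs: pool, MinVersion: tls.VersionTLS12}
}

// handshake serves one TLS connection with srv and dials it with cfg.
func handshake(srv tls.Certificate, cfg *tls.Config) error {
	l, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{srv}})
	if err != nil {
		return err
	}
	defer l.Close()
	go func() {
		if c, err := l.Accept(); err == nil {
			c.(*tls.Conn).Handshake() // server side of the handshake
			c.Close()
		}
	}()
	c, err := tls.Dial("tcp", l.Addr().String(), cfg)
	if err == nil {
		c.Close()
	}
	return err
}
```

handshake returns nil when the server presents the pinned certificate and a verification error when it presents any other one, whereas a config with InsecureSkipVerify: true returns nil in both cases.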

limitations

Currently, the server side implements only port forwarding; starting a shell or executing a command is not supported.

License

GPLv3; see the LICENSE file for details.