fangdingjun b39998c6d3 Merge branch 'tls' of github.com:fangdingjun/obfssh into tls 6 years ago
obfscp change max packet size 6 years ago
obfssh fix name in README 6 years ago
obfsshd update README 6 years ago
.gitignore server: add sftp support 8 years ago
LICENSE first version 8 years ago
README.md update README 6 years ago
client.go change log library 7 years ago
conf.go remove obfuscation, use tls instead 7 years ago
conn.go use dialer on package obfssh 7 years ago
conn_test.go add dynamic http forward through secure channel 7 years ago
doc.go update doc 7 years ago
pty_unix.go add shell/exec support on server 6 years ago
pty_windows.go add shell/exec support on server 6 years ago
redir.go add transparent proxy support 8 years ago
redir_iptables.go add getOriginDst of cgo 8 years ago
redir_iptables_2.go fix build error 8 years ago
server.go add shell/exec support on server 6 years ago
util.go change log library 7 years ago

README.md

obfssh

obfssh is a wrapper around golang.org/x/crypto/ssh that adds support for listening for, or connecting to, SSH over TLS.

server usage example

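import (
	"crypto/tls"
	"log"
	"net"

	"github.com/fangdingjun/obfssh"
	"golang.org/x/crypto/ssh"
)

config := &ssh.ServerConfig{
	// add ssh server configuration here,
	// for example auth methods, ciphers, MACs
	...
}

var l net.Listener
var err error
if useTLS {
	// declare cert separately so that err is not shadowed inside this block
	var cert tls.Certificate
	cert, err = tls.LoadX509KeyPair(certFile, keyFile)
	if err != nil {
		log.Fatal(err)
	}
	l, err = tls.Listen("tcp", ":2022", &tls.Config{
		Certificates: []tls.Certificate{cert},
	})
} else {
	l, err = net.Listen("tcp", ":2022")
}
if err != nil {
	log.Fatal(err)
}
defer l.Close()

for {
	c, err := l.Accept()
	if err != nil {
		log.Fatal(err)
	}
	// serve each connection in its own goroutine
	go func(c net.Conn) {
		defer c.Close()
		sc, err := obfssh.NewServer(c, config, &obfssh.Conf{})
		if err != nil {
			log.Println(err)
			return
		}
		sc.Run()
	}(c)
}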

client usage example

import (
	"crypto/tls"
	"log"
	"net"

	"github.com/fangdingjun/obfssh"
	"golang.org/x/crypto/ssh"
)

addr := "localhost:2022"

config := ssh.ClientConfig{
	// add ssh client config here,
	// for example auth method
	...
}

var c net.Conn
var err error
if useTLS {
	c, err = tls.Dial("tcp", addr, &tls.Config{
		ServerName: "localhost",
		// InsecureSkipVerify disables certificate chain and host name
		// verification, so the TLS layer accepts any server certificate.
		// Keep it for local testing only; otherwise set RootCAs to a
		// pool that contains the server's certificate or its CA.
		InsecureSkipVerify: true,
	})
} else {
	c, err = net.Dial("tcp", addr)
}
if err != nil {
	log.Fatal(err)
}

// create connection
client, err := obfssh.NewClient(c, config, addr, &obfssh.Conf{})
if err != nil {
	log.Fatal(err)
}

// local to remote port forward
client.AddLocalForward(":2234:10.0.0.1:3221")

// remote to local port forward
client.AddRemoteForward(":2234:10.2.0.1:3221")

// dynamic port forward
client.AddDynamicForward(":4321")

// wait to be done
client.Run()
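
The client example sets InsecureSkipVerify: true, which turns off both the certificate chain check and the host name check. The following added example (not part of obfssh or its README) shows a verifying tls.Config that trusts one specific certificate and compares its outcome with the skip-verify config. The helper names dial, pinned and demo are hypothetical, and an httptest TLS server with its built-in test certificate stands in for the TLS-wrapped SSH listener.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"net/http/httptest"
)

// dial completes a TLS handshake with addr using cfg, then closes the
// connection. A verification failure is returned as the error.
func dial(addr string, cfg *tls.Config) error {
	c, err := tls.Dial("tcp", addr, cfg)
	if err != nil {
		return err
	}
	return c.Close()
}

// pinned builds the verifying alternative to InsecureSkipVerify: trust exactly
// one certificate and require it to be valid for serverName.
func pinned(trusted *x509.Certificate, serverName string) *tls.Config {
	pool := x509.NewCertPool()
	pool.AddCert(trusted)
	return &tls.Config{ServerName: serverName, RootCAs: pool, MinVersion: tls.VersionTLS12}
}

// demo dials a stand-in TLS listener four ways and returns each handshake error.
func demo() (skip, good, wrongName, wrongTrust error) {
	srv := httptest.NewTLSServer(nil) // constructed stand-in for the TLS listener
	defer srv.Close()
	addr, cert := srv.Listener.Addr().String(), srv.Certificate()
	name := cert.DNSNames[0] // a name the test certificate is valid for

	skip = dial(addr, &tls.Config{InsecureSkipVerify: true}) // accepts any certificate
	good = dial(addr, pinned(cert, name))                     // trusted cert, right name
	wrongName = dial(addr, pinned(cert, "ssh.invalid"))       // trusted cert, wrong name
	wrongTrust = dial(addr, &tls.Config{ServerName: name, RootCAs: x509.NewCertPool()})
	return
}

func main() { fmt.Println(demo()) }
```

The config returned by pinned can be passed to tls.Dial in the client example in place of the one that sets InsecureSkipVerify, with the server's own certificate (or its CA) loaded as the trusted certificate.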

limitations

Currently, the server side only implements port forwarding; starting a shell or executing a command is not supported.

License

GPLv3; see the LICENSE file for details.