Simple sockets program question
Hello,
I am a relatively new C programmer and I have just started looking at unix sockets. To test out what I learned, I decided to write a program that forwarded data through to sshd on port 22. Here it is. (I know I didn't do all the error-checking ;)
Code:
/* Simple Tunnel
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
(I press enter)
SSH-2.0-OpenSSH_4.7
(I press enter)
Protocol mismatch.
(I press enter)
Connection closed by foreign host.
When I run "ssh -p4545 127.0.0.1" I get
ssh: connect to host 127.0.0.1 port 4545: Connection refused
Why does telnet open a connection and ssh doesn't? |
To communicate with SSH you need to use something like the OpenSSL library (plus you need to adhere to the SSH specification). There are numerous negotiations which go on, such as: are you required to prove who you are, what SSL/TLS version you agree to use, what encryption to use on connection, etc. One option you have is to create an SSH 'tunnel' which will allow you to send unencrypted data to a specific port, and the data will magically be relayed via ssh. There are numerous instructions on how to do this on the internet.
|
If I may suggest that you look at the possibilities to wrap your code in code tags, that will make it easier to read your code! Don't forget to comment your code, to explain what you are doing...
My :twocents:, ;) |
Sorry about the confusion. What my program (stunnel) does (hopefully) is forward all the traffic coming in on port 4545 (or whatever you give it at the command line) to another port and reroute that port's replies back through port 4545 to the remote host (see poorly drawn diagram below). To test this I used port 22 because I have sshd running on port 22. However, I obviously didn't do something right because sshing to port 4545 didn't work. I showed the output of sshing and telnetting to port 4545 above. I hope this clarifies it a little.
Code:
......................................................... |
Ah, OK, I misunderstood your original post.
There are a number of fundamental flaws in your logic for bridging the data. Try turning your sockets into nonblocking types. You must also check the return values all the time to ensure that you only attempt to relay data when there is data to send. With any luck that should work (even though it will be rather inefficient). To make a file descriptor non-blocking you need code that's something like this:
Code:
#include <unistd.h>
#include <fcntl.h>
int flags = fcntl(my_socket_fd, F_GETFL);
fcntl(my_socket_fd, F_SETFL, flags|O_NONBLOCK);
Of course you need to check the return value of 'fcntl' for validity. |
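The non-blocking relay suggested in the reply above, as an added C example that is not code from any poster in this thread: it checks every return value, handles partial sends, and uses poll() so data is only relayed when there is data to send. The names set_nonblocking, relay_chunk and bridge are hypothetical, and MSG_NOSIGNAL assumes Linux.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <sys/socket.h>
#include <unistd.h>

/* Retryable conditions on a non-blocking descriptor (errno must be fresh). */
static int would_block(void) { return errno == EAGAIN || errno == EWOULDBLOCK || errno == EINTR; }

/* Put fd into non-blocking mode, checking both fcntl calls. 0 = ok, -1 = failed. */
int set_nonblocking(int fd)
{
    int flags = fcntl(fd, F_GETFL);
    return (flags == -1 || fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1) ? -1 : 0;
}

/* Copy one chunk src -> dst. Returns bytes relayed, 0 if nothing was ready,
 * -1 if src reached EOF or either side failed. */
ssize_t relay_chunk(int src, int dst)
{
    char buf[4096];
    ssize_t n = recv(src, buf, sizeof buf, 0);
    if (n <= 0)
        return (n < 0 && would_block()) ? 0 : -1;
    for (ssize_t off = 0; off < n; ) {          /* send() may accept only part */
        ssize_t w = send(dst, buf + off, (size_t)(n - off), MSG_NOSIGNAL);
        if (w > 0) { off += w; continue; }
        if (w == 0 || !would_block()) return -1;
        struct pollfd p = { .fd = dst, .events = POLLOUT };
        if (poll(&p, 1, -1) < 0 && errno != EINTR) /* dst buffer full: wait for room */
            return -1;
    }
    return n;
}

/* Relay both directions until one side closes or fails (returns 0);
 * returns -1 only if poll() itself fails. */
int bridge(int client, int server)
{
    struct pollfd fds[2] = { { .fd = client, .events = POLLIN }, { .fd = server, .events = POLLIN } };
    for (;;) {
        int r = poll(fds, 2, -1);
        if (r < 0 && errno == EINTR) continue;
        if (r < 0) return -1;
        if (fds[0].revents && relay_chunk(client, server) < 0) return 0;
        if (fds[1].revents && relay_chunk(server, client) < 0) return 0;
    }
}
```

In a forwarder, client is the descriptor returned by accept() on the listening port and server is the connected socket to the target port, both passed through set_nonblocking() first.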
Another interesting thing is that telnet will work on any specified port, but sshd on the receiving machine, in this case the remote host, will only accept data on port 22, as per the RFC governing ssh. Anything else is viewed as hostile!
|
I am sure I have connected to ssh servers listening on other ports than 22. Some people even recommend running sshd listening on a different port than to keep the brute force ssh-ringers from trying your box. And I could not find anything about that in the man pages of sshd_config, ssh and sshd... I did not read the RFC though; the actual implementation I deal with in practice matters more to me in these sorts of cases. |
You can bind any server to any port. The list of 'approved' ports in /etc/services is just the expected arrangement.
Of course, most systems go with the default because it makes life simpler. As for ssh, you can only (sensibly) connect to it if you have a client that can understand the ssh protocol. You can only use telnet to debug servers that are plain text based, e.g. smtp, http; not ssh, https. |
Have you tried making your sockets non-blocking and seeing if your program worked then?
|