Rebex File Server
SFTP, SCP and SSH server library for .NET
Download 30-day free trial Buy from $499More .NET libraries
-
Rebex SFTP
.NET SFTP client
-
Rebex FTP
.NET FTP client
-
Rebex Total Pack
All Rebex libraries together
Back to feature list...
SSH tunneling
SSH port forwarding (outgoing TCP tunnels)
Rebex File Server supports outgoing SSH port forwarding, which makes it possible for SSH clients to establish TCP tunnels through an SSH server, essentially using it as a proxy.
To enable outgoing TCP tunneling, just bind the
Tunneling
subsystem to the desired endpoint or port:
// create a server instance
var server = new FileServer();
// bind tunneling (port forwarding) subsystem to port 22
server.Bind(22, FileServerProtocol.Tunneling);
// add server keys and users
// ...
// start the server in the background
server.Start();
' create a server instance
Dim server As New FileServer()
' bind tunneling (port forwarding) subsystem to port 22
server.Bind(22, FileServerProtocol.Tunneling)
' add server keys and users
' ...
' start the server in the background
server.Start()
Optionally, use TunnelRequested
event to accept or reject outgoing tunneling requests:
// accept or reject outgoing tunneling requests based on the user and target
// (by default, tunneling requests are accepted)
server.TunnelRequested += (sender, e) =>
{
// reject tunnel requests unless enabled below
e.Accept = false;
// only allow outgoing tunnel requests for user 'myuser' and host 'server01'
if (e.IsOutgoing && e.User.Name == "myuser" && e.HostName == "server01")
{
e.Accept = true;
return;
}
};
' accept or reject outgoing tunneling requests based on the user and target
' (by default, tunneling requests are accepted)
AddHandler server.TunnelRequested,
Sub(sender, e)
' reject tunnel requests unless enabled below
e.Accept = False
' only allow outgoing tunnel requests for user 'myuser' and host 'server01'
If e.IsOutgoing And e.User.Name = "myuser" And e.HostName = "server01" Then
e.Accept = True
Return
End If
End Sub
Tip: Rebex SSH Shell implements SSH tunneling (port forwarding) at the client side.
SSH reverse tunnels (incoming TCP tunnels)
Rebex File Server supports reverse (incoming) tunnels as well. This makes it possible for a server to listen for TCP connections on a specific TCP address/port. When a connection is accepted, it is forwarded to the SSH client via an SSH tunnel.
To enable incoming tunnels,
bind the Tunneling
subsystem to the desired endpoint or port and set the
FileServerSettings.EnableReverseTunneling
property.
// create a server instance
var server = new FileServer();
// bind tunneling (port forwarding) subsystem to port 22
server.Bind(22, FileServerProtocol.Tunneling);
// enable reverse tunneling
server.Settings.EnableReverseTunneling = true;
// add server keys and users
// ...
// start the server in the background
server.Start();
' create a server instance
Dim server As New FileServer()
' bind tunneling (port forwarding) subsystem to port 22
server.Bind(22, FileServerProtocol.Tunneling)
' enable reverse tunneling
server.Settings.EnableReverseTunneling = True
' add server keys and users
' ...
' start the server in the background
server.Start()
Then, use TunnelRequested
event to accept or reject incoming tunneling requests, and to accept or reject incoming connections:
// accept or reject incoming tunneling requests based on the user and target
// (by default, tunneling requests are accepted)
server.TunnelRequested += (sender, e) =>
{
// reject tunnel requests unless enabled below
e.Accept = false;
// allow 'myuser' to start reverse tunnels at '127.0.0.1:8080'
if (e.Type == TunnelRequestType.StartListening && e.User.Name == "myuser"
&& e.HostName == "127.0.0.1" && e.Port == 8080)
{
e.Accept = true;
return;
}
// allow incoming connections through reverse tunnels started by 'myuser'
if (e.IsIncoming && e.User.Name == "myuser")
{
e.Accept = true;
return;
}
};
' accept or reject incoming tunneling requests based on the user and target
' (by default, tunneling requests are accepted)
AddHandler server.TunnelRequested,
Sub(sender, e)
' reject tunnel requests unless enabled below
e.Accept = False
' allow 'myuser' to start reverse tunnels at '127.0.0.1:8080'
If e.Type = TunnelRequestType.StartListening And e.User.Name = "myuser" _
And e.HostName = "127.0.0.1" And e.Port = 8080 Then
e.Accept = True
Return
End If
' allow incoming connections through reverse tunnels started by 'myuser'
If e.IsIncoming And e.User.Name = "myuser" Then
e.Accept = True
Return
End If
End Sub
Tip: Rebex SSH Shell implements incoming tunnels at the client side.
Back to feature list...