Rebex File Server
SFTP, SCP and SSH server component for .NET
More .NET components

SSH tunneling

On this page:

SSH port forwarding (TCP tunneling) #

Rebex File Server supports outgoing SSH port forwarding, which makes it possible for SSH clients to establish TCP tunnels through the SSH server, essentially using it as a proxy.

To enable TCP tunneling, just bind the Tunneling subsystem to the desired endpoint or port:

CSharp

// create a server instance
var server = new FileServer();

// bind tunneling (port forwarding) subsystem to port 22
server.Bind(22, FileServerProtocol.Tunneling);

// add server keys and users
// ...

// start the server in the background
server.Start();

VisualBasic

' create a server instance
Dim server As New FileServer()

' bind tunneling (port forwarding) subsystem to port 22
server.Bind(22, FileServerProtocol.Tunneling)

' add server keys and users
' ...

' start the server in the background
server.Start()

Use TunnelRequested event to accept or reject tunneling request:

CSharp

// bind tunneling (port forwarding) subsystem
server.Bind(FileServerProtocol.Tunneling);

// accept or reject tunneling requests based on the user and target
// (by default, tunneling requests are accepted)
server.TunnelRequested += (sender, e) =>
{
    // reject tunnel requests for 'Guest' user
    if (e.User.Name.Equals("Guest", StringComparison.OrdinalIgnoreCase))
        e.Accept = false;

    // reject tunnel requests to all hosts except 'Intranet'
    else if (!e.RemoteHostName.Equals("Intranet", StringComparison.OrdinalIgnoreCase))
        e.Accept = false;
};

VisualBasic

' bind tunneling (port forwarding) subsystem
server.Bind(FileServerProtocol.Tunneling)

' accept or reject tunneling requests based on the user and target
' (by default, tunneling requests are accepted)
AddHandler server.TunnelRequested,
    Sub(sender, e)
        ' reject tunnel requests for 'Guest' user
        If e.User.Name.Equals("Guest", StringComparison.OrdinalIgnoreCase) Then
            e.Accept = False

            ' reject tunnel requests to all hosts except 'Intranet'
        ElseIf Not e.RemoteHostName.Equals("Intranet", StringComparison.OrdinalIgnoreCase) Then
            e.Accept = False
        End If
    End Sub

Tip: Rebex Terminal Emulation implements SSH tunelling (port forwarding) for the client side.