-1

The code below (main.py) performs SSH access to a host and creates a tunnel so that the IP can be reached through 127.0.0.1:

    import paramiko
    from paramiko import SSHClient
    from sshtunnel import SSHTunnelForwarder

    class SSH:
        def __init__(self):
            self.ssh = SSHClient()
            self.ssh.load_system_host_keys()
            # AutoAddPolicy accepts any unknown host key without verification
            self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
            # Connect to the local end of the tunnel opened below
            self.ssh.connect(hostname='127.0.0.1', port=10022, username='root', password='root')

        def exec_cmd(self, cmd):
            stdin, stdout, stderr = self.ssh.exec_command(cmd)
            # Print stderr on a non-zero exit status, stdout otherwise
            if stderr.channel.recv_exit_status() != 0:
                print(stderr.read())
            else:
                print(stdout.read())


    # Tunnel through 192.168.100.10: local port 10022 is forwarded to
    # 127.0.0.1:22 as resolved on that host
    server = SSHTunnelForwarder(
        '192.168.100.10',
        ssh_username="root",
        ssh_password="root",
        remote_bind_address=('127.0.0.1', 22),
        local_bind_address=('0.0.0.0', 10022)
    )

    server.start()

    if __name__ == '__main__':
        ssh = SSH()
        stdin, stdout, stderr = ssh.ssh.exec_command("hostname")
        retorno = stdout.read()
        print(retorno)

    server.stop()

I'm trying to access a specific machine and for that, I have to access a machine initially for network reasons.

In Python, I run main.py to perform SSH on the initial machine and after that I create a tunnel for the other machine, managing to execute remote commands on it.

----------------------------------------------------------------------
                            |
-------------+              |    +----------+               +---------+
      HOST   |              |    |   HOST   |               |   HOST  |
    MAIN.PY  | -- SSH ----> |    |  INITIAL | -- TUNNEL --> |  WANTED |
-------------+              |    +----------+               +---------+
                            |
----------------------------------------------------------------------

The topology when accessing with PuTTY is: access the initial connection (the one you have network rules created for) and then execute the SSH command for the other machine, arriving at the desired machine.

As stated in the code above, I can only access the first host. Can anybody help me?

Danilo Marquiori
  • You didn't tell us what problem your code has. – Though I believe you have the ports wrong. You are forwarding the local port 10022, yet you are connecting to the local port 22. Also you should, at least until you resolve your connection problems, use consistent and fixed IP addresses. So not `0.0.0.0`, but `127.0.0.1`. – Martin Prikryl Jul 15 '20 at 12:49
  • I believe that you did not understand my problem. The code above is not an error, but it connects to only one host through a tunnel. I say again, I need to perform access on an initial host to create a tunnel for another machine and access it. Connect on two hosts at the same time. Initial -> second host – Danilo Marquiori Jul 15 '20 at 13:15
  • At the end of the question I say, "As stated in the code above, I can only access the first host." I need help to create a code that can access two hosts at the same time – Danilo Marquiori Jul 15 '20 at 13:17
  • I understand what you want to do (while I may not understand your problem). `server.start()` connects to the first server and then the `SSH` tries to connect to the second. But it instead connects to 127.0.0.1:22. If that does not raise any error (as you seem to indicate that you do not get any), it's only because there's a local SSH server and the code connects to it by mistake. – Martin Prikryl Jul 15 '20 at 13:25
  • For me to access two servers I need to inform 2 ips. Initially I inform an IP and connect, after this I need to inform my second IP (that I want to make the tunnel) then I use SSH to access the tunnel using 127.0.0.1. Two hosts IP1 and IP2 after accessing IP1 I create the tunnel informing IP2 and accessing IP2 through 127.0.0.1 – Danilo Marquiori Jul 15 '20 at 13:31
  • I understood your doubt. I updated my code for your better understanding. The code now performs an SSH connection using 127.0.0.1, landing on the IP that I made the tunnel to (192.168.100.10)..... My problem is to connect to 192.168.100.10 and after that create a tunnel to another IP, and not to itself. – Danilo Marquiori Jul 15 '20 at 13:36
  • Sorry, I'm lost. What does it mean *"I need to **inform** 2 ips"*? + Do you or do you not get an error? If you do, show us the stack trace. + Did you try creating the tunnel using any SSH client first, before starting coding? – Martin Prikryl Jul 15 '20 at 13:51
  • I believe you are not aware of remote access in Linux. I'll try to exemplify. I have a company called X, in it I released an access server for company Y. That is, company Y has access only to the server that was released; accessing this server, company Y gets access to my LAN. What I'm trying to do is create a Python script to access this released server (WAN) and, after this server, access another server within the LAN. That is, I need 2 IPs, the released one and another IP of the internal server. – Danilo Marquiori Jul 15 '20 at 14:29
  • In python I need to establish a connection with this released IP (WAN) and starting from it create a tunnel to another IP (desired IP). With that I will have: the initial connection + a tunnel for the local ip that I want. – Danilo Marquiori Jul 15 '20 at 14:32

1 Answer

0

I made the following change:

    server = SSHTunnelForwarder(
        '192.168.1.1',
        ssh_username="teste2",
        ssh_password="teste2",
        remote_bind_address=('<Destination HOST IP>', 22),
        local_bind_address=('127.0.0.1', 10022)  # Here you leave the loopback ip
    )
Danilo Marquiori
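
An added example, not part of the original posts: `tunnel_findings` flags the forwarding mistakes raised in the comments and the answer, and `run_on_wanted` reaches the wanted host with Paramiko's `direct-tcpip` channel instead of sshtunnel, so no local port is opened and unknown host keys are rejected rather than auto-added. The function names, the shared username and the `(host, port)` tuples are assumptions made for illustration.

```python
import ipaddress


def _ip(host):
    """Parse host as an IP address; return None for DNS names."""
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        return None


def tunnel_findings(remote_bind, local_bind, connect_to):
    """List the forwarding mistakes discussed in this thread for one plan.
    Arguments are (host, port) tuples: the tunnel's far end as resolved on the
    initial host, the local listener, and where the SSH client then connects.
    """
    findings = []
    remote_ip, local_ip = _ip(remote_bind[0]), _ip(local_bind[0])
    if remote_ip is not None and remote_ip.is_loopback:
        findings.append("remote end is the initial host itself, not the wanted host")
    if local_ip is not None and local_ip.is_unspecified:
        findings.append("listener accepts connections on every interface")
    if connect_to[1] != local_bind[1]:
        findings.append("client connects to a port the tunnel does not listen on")
    return findings


def run_on_wanted(initial, wanted, username, initial_password, wanted_password, command):
    """Run command on the wanted host through the initial host, with no local listener."""
    import paramiko  # third-party; imported here so tunnel_findings needs only the stdlib
    def client():
        c = paramiko.SSHClient()
        c.load_system_host_keys()
        c.set_missing_host_key_policy(paramiko.RejectPolicy())  # unknown host key: refuse
        return c

    gateway, target = client(), client()
    try:
        gateway.connect(initial[0], port=initial[1], username=username, password=initial_password)
        # direct-tcpip: the initial host opens the TCP connection to the wanted host
        channel = gateway.get_transport().open_channel("direct-tcpip", wanted, ("127.0.0.1", 0))
        # sock= carries the second SSH session; its host key is looked up under wanted[0]
        target.connect(wanted[0], port=wanted[1], username=username,
                       password=wanted_password, sock=channel)
        _, stdout, _ = target.exec_command(command)
        return stdout.read().decode()
    finally:
        target.close()
        gateway.close()
```

Both hosts need an entry in the system `known_hosts` file before `run_on_wanted` will connect, since `RejectPolicy` refuses any key it cannot match.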