net-ssh 0.6.0 → 0.9.0

data/doc/manual-html/chapter-6.html

@@ -1,7 +1,7 @@
 <html>
   <head>
-    <title>Net::SSH Manual :: Chapter 6: Using Proxies</title>
-    <link type="text/css" rel="stylesheet" href="manual.css" />
+    <title>Net::SSH Manual :: Chapter 6: Port Forwarding</title>
+    <link type="text/css" rel="stylesheet" href="stylesheets/manual.css" />
   </head>
   
   <body>
@@ -14,8 +14,8 @@
           </div>
         </td><td valign='middle' align='right'>
           <div class="info">
-            Net::SSH Version: <strong>0.6.0</strong><br />
-            Manual Last Updated: <strong>2004-12-02 05:13 GMT</strong>
+            Net::SSH Version: <strong>0.9.0</strong><br />
+            Manual Last Updated: <strong>2005-01-11 21:39 GMT</strong>
           </div>
         </td></tr>
       </table>
@@ -110,36 +110,56 @@
           
             <li>
                 <a href="chapter-5.html">
-                Port Forwarding
+                User Shells
                 </a>
                 
               <ol type="1">
                 
                   <li><a href="chapter-5.html#s1">Introduction</a></li>
                 
-                  <li><a href="chapter-5.html#s2">Local-to-Remote</a></li>
+                  <li><a href="chapter-5.html#s2">Using Channels</a></li>
                 
-                  <li><a href="chapter-5.html#s3">Remote-to-Local</a></li>
+                  <li><a href="chapter-5.html#s3">Shell Service</a></li>
                 
-                  <li><a href="chapter-5.html#s4">Direct Channels</a></li>
+                  <li><a href="chapter-5.html#s4">SyncShell Service</a></li>
                 
-                  <li><a href="chapter-5.html#s5">Remote-to-Local Handlers</a></li>
+                  <li><a href="chapter-5.html#s5">Terminal Clients</a></li>
                 
               </ol>
             </li>
           
             <li><strong>
                 <a href="chapter-6.html">
-                Using Proxies
+                Port Forwarding
                 </a>
                 </strong> <big>&larr;</big>
               <ol type="1">
                 
                   <li><a href="chapter-6.html#s1">Introduction</a></li>
                 
-                  <li><a href="chapter-6.html#s2"><span class="caps">HTTP</span></a></li>
+                  <li><a href="chapter-6.html#s2">Local-to-Remote</a></li>
+                
+                  <li><a href="chapter-6.html#s3">Remote-to-Local</a></li>
+                
+                  <li><a href="chapter-6.html#s4">Direct Channels</a></li>
+                
+                  <li><a href="chapter-6.html#s5">Remote-to-Local Handlers</a></li>
+                
+              </ol>
+            </li>
+          
+            <li>
+                <a href="chapter-7.html">
+                Using Proxies
+                </a>
+                
+              <ol type="1">
+                
+                  <li><a href="chapter-7.html#s1">Introduction</a></li>
+                
+                  <li><a href="chapter-7.html#s2"><span class="caps">HTTP</span></a></li>
                 
-                  <li><a href="chapter-6.html#s3"><span class="caps">SOCKS</span></a></li>
+                  <li><a href="chapter-7.html#s3"><span class="caps">SOCKS</span></a></li>
                 
               </ol>
             </li>
@@ -170,7 +190,17 @@
 
         <div id="content">
 
-          <h1>6. Using Proxies</h1>
+           <div class="top"><div class="prevnext">
+  
+    <a href="chapter-5.html">Previous (5. User Shells)</a> |
+  
+  <a href="index.html">Up</a>
+  
+    | <a href="chapter-7.html">Next (7. Using Proxies)</a>
+  
+</div></div>
+
+<h1>6. Port Forwarding</h1>
 
 
 
@@ -182,111 +212,217 @@
    
 
    <div class="section">
-     <p>Many times, you may find yourself behind a firewall, unable to <span class="caps">SSH</span> out. In such instances, you can often take advantage of your existing proxies to tunnel an <span class="caps">SSH</span> connection through your firewall.</p>
+     <p>Port forwarding is a feature of the <span class="caps">SSH</span> protocol that allows you to specify a port on one of the hosts, and have network connections on that port forwarded to a port on a different host, using the <span class="caps">SSH</span> connection as a proxy. There are basically two ways to use this forwarding:</p>
+	<ol>
+	<li>A port on the local host is forwarded via the remote host to another machine. Any connection to the specified port will cause all subsequent data to be sent over the connection to the remote host, where it will then be forwarded to the requested destination host.</li>
+		<li>A port on the remote host is forwarded over the connection to the local host, and from there to (potentially) some other remote destination. Any connection to the specified port on the remote host is forwarded over the connection to the local host, which then makes a connection to the specified remote destination and sends the data there.</li>
+	</ol>
+
+	<p>All port forwarding in the Net::SSH library is managed by the <code>#forward</code> service. Just invoke methods on that service to set up any of various port forwarding configurations.</p>
+
+	<div class='figure'>
+<span class='caption'>Accessing the #forward service [ruby]</span>
+<div class='body'><table border='0' cellpadding='0' cellspacing='0'><tr><td class='lineno'>1<br />2<br />3<br />4<br />5<br /></td><td width='100%'><link rel='stylesheet' type='text/css' href='stylesheets/ruby.css' /><div class='ruby'><pre><span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">.</span><span class="ident">start</span><span class="punct">(</span> <span class="punct">'</span><span class="string">host</span><span class="punct">'</span> <span class="punct">)</span> <span class="keyword">do</span> <span class="punct">|</span><span class="ident">session</span><span class="punct">|</span>
+  <span class="ident">forward</span> <span class="punct">=</span> <span class="ident">session</span><span class="punct">.</span><span class="ident">forward</span>
+  <span class="punct">...</span>
+  <span class="ident">session</span><span class="punct">.</span><span class="ident">loop</span>
+<span class="keyword">end</span></pre></div></td></tr></table></div></div>
+
+	<p>You can define any number of forwards before invoking the main loop, in which case all of those forwards will be handled transparently (and silently) in parallel, over the same connection. (Isn&#8217;t <span class="caps">SSH</span> lovely?)</p>
+
+	<p>Naturally, you can also have remote processes, <span class="caps">SFTP</span> sessions, and more all working at the same time on the connection.</p>
    </div>
 
 
 
      <h2>
        <a name="s2"></a>
-       6.2. <span class="caps">HTTP</span>
+       6.2. Local-to-Remote
      </h2>
 
    
 
    <div class="section">
-     <p>If you have an <span class="caps">HTTP</span> proxy running, you may be able to use it to your advantage.  The following snippet demonstrates how to tunnel an <span class="caps">SSH</span> connection through an <span class="caps">HTTP</span> proxy:</p>
-
+     <p>Forwarding a local connection to a remote destination is simply a matter of invoking the <code>#local</code> method of the <code>#forward</code> service. The simplest version of the method just takes three parameters: the local port to listen on, and the remote host and port to forward the connection to:</p>
 
-<pre>
-  require 'net/ssh'
-  require 'net/ssh/proxy/http'
+	<div class='figure'>
+<span class='caption'>Forwarding a local port [ruby]</span>
+<div class='body'><table border='0' cellpadding='0' cellspacing='0'><tr><td class='lineno'>1<br />2<br />3<br />4<br /></td><td width='100%'><link rel='stylesheet' type='text/css' href='stylesheets/ruby.css' /><div class='ruby'><pre><span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">.</span><span class="ident">start</span><span class="punct">(</span> <span class="punct">'</span><span class="string">host</span><span class="punct">'</span> <span class="punct">)</span> <span class="keyword">do</span> <span class="punct">|</span><span class="ident">session</span><span class="punct">|</span>
+  <span class="ident">session</span><span class="punct">.</span><span class="ident">forward</span><span class="punct">.</span><span class="ident">local</span><span class="punct">(</span> <span class="number">1234</span><span class="punct">,</span> <span class="punct">'</span><span class="string">www.google.com</span><span class="punct">',</span> <span class="number">80</span> <span class="punct">)</span>
+  <span class="ident">session</span><span class="punct">.</span><span class="ident">loop</span>
+<span class="keyword">end</span></pre></div></td></tr></table></div></div>
 
-  proxy_host = 'my.proxy.com'
-  proxy_port = 8080
-  proxy = Net::SSH::Proxy::HTTP.new( proxy_host, proxy_port )
+	<p>In the above example, then, any connection received on port 1234 will be forwarded to port 80 on &#8220;www.google.com&#8221;. This means that if you were to point a browser at &#8220;http://localhost:1234&#8221;, it would pull up <a href="http://www.google.com">Google</a>.</p>
 
-  Net::SSH.start( 'host', :proxy =&gt; proxy ) do |session|
-    ...
-  end
-</pre>
-	<p>As you can see, you first create an instance of the proxy you want to use. (This flexibility allows for other proxy types to be supported, although at present only <span class="caps">HTTP</span> and <span class="caps">SOCKS</span> are available.)</p>
+	<p>By default, only connections <em>from the local host</em> are accepted. This is because the default bind address is 127.0.0.1. You can specify any bind address you want (including 0.0.0.0 to allow connections from anywhere) by specifying that address as the first parameter to <code>#local</code>, with the local port number immediately following.</p>
 
-	<p>Once you&#8217;ve created your proxy, you just start your <span class="caps">SSH</span> session, as usual, except you also pass a <code>:proxy</code> option. The proxy will then be used to obtain a connection to the remote host.</p>
-
-	<p>Note: If your proxy does not allow connects to be made to other hosts on port 22, then you&#8217;ll have to do some magic to allow <span class="caps">SSH</span> connections on your remote host on ports other than 22. Port forwarding on that remote host (from itself, to itself), can help you there.</p>
-
-	<p>For instance, if your proxy disallows connections to any port except (say) 443, you could run the following command on the remote host:</p>
+	<div class='figure'>
+<span class='caption'>Specifying the bind address when forwarding a local port [ruby]</span>
+<div class='body'><link rel='stylesheet' type='text/css' href='stylesheets/ruby.css' /><div class='ruby'><pre><span class="ident">session</span><span class="punct">.</span><span class="ident">forward</span><span class="punct">.</span><span class="ident">local</span><span class="punct">(</span> <span class="punct">'</span><span class="string">0.0.0.0</span><span class="punct">',</span> <span class="number">1234</span><span class="punct">,</span> <span class="punct">'</span><span class="string">www.google.com</span><span class="punct">',</span> <span class="number">80</span> <span class="punct">)</span></pre></div></div></div>
 
+	<p>In this configuration, anyone from anywhere can connect to your machine on port 1234 and be forwarded to Google.</p>
+   </div>
 
-<pre>
-  ssh -gL 443:localhost:22 localhost
-</pre>
-	<p>Then, as long as that command is running, port 443 will always be forwarded to port 22.  Naturally, this means that you must run this command while you have access to the box; if you can&#8217;t access that machine in the first place (ie, because you&#8217;re behind a firewall), then it does you no good.</p>
 
-	<h3>Proxy Authentication</h3>
 
-	<p>Some proxies require authentication. Net::SSH supports these proxies as well. If you specify the user name either as a <code>:user</code> option to the <span class="caps">HTTP</span> proxy constructor, or in the <code>HTTP_PROXY_USER</code> or <code>CONNECT_USER</code> environment variables, that name will be used to authenticate with the proxy. Likewise, the password may be given either via the <code>:password</code> constructor option, or via the <code>HTTP_PROXY_PASSWORD</code> or <code>CONNECT_PASSWORD</code> environment variables.</p>
+     <h2>
+       <a name="s3"></a>
+       6.3. Remote-to-Local
+     </h2>
 
+   
 
-<pre>
-  require 'net/ssh'
-  require 'net/ssh/proxy/http'
+   <div class="section">
+     <p>Forwarding remote connections to the local host is also straightforward; simply call the <code>#remote_to</code> method of the <code>#forward</code> service. This takes three (or four) parameters: the local port and host to be forwarded to (in that order), and the remote port to listen on. The fourth parameter is optional, and is the bind address on the remote machine; this defaults to &#8220;127.0.0.1&#8221;.</p>
 
-  proxy_host = 'my.proxy.com'
-  proxy_port = 8080
-  proxy_user = 'my-name'
-  proxy_password = 'my-password'
+	<div class='figure'>
+<span class='caption'>Forwarding a remote port [ruby]</span>
+<div class='body'><table border='0' cellpadding='0' cellspacing='0'><tr><td class='lineno'>1<br />2<br />3<br />4<br /></td><td width='100%'><link rel='stylesheet' type='text/css' href='stylesheets/ruby.css' /><div class='ruby'><pre><span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">.</span><span class="ident">start</span><span class="punct">(</span> <span class="punct">'</span><span class="string">host</span><span class="punct">'</span> <span class="punct">)</span> <span class="keyword">do</span> <span class="punct">|</span><span class="ident">session</span><span class="punct">|</span>
+  <span class="ident">session</span><span class="punct">.</span><span class="ident">forward</span><span class="punct">.</span><span class="ident">remote_to</span><span class="punct">(</span> <span class="number">80</span><span class="punct">,</span> <span class="punct">'</span><span class="string">www.google.com</span><span class="punct">',</span> <span class="number">1234</span> <span class="punct">)</span>
+  <span class="ident">session</span><span class="punct">.</span><span class="ident">loop</span>
+<span class="keyword">end</span></pre></div></td></tr></table></div></div>
 
-  proxy = Net::SSH::Proxy::HTTP.new( proxy_host, proxy_port,
-              :user =&gt; proxy_user,
-              :password =&gt; proxy_password )
+	<p>The above example causes any connection on port 1234 of the remote machine (<em>from</em> the remote machine) to be forwarded via the local host to port 80 at www.google.com.  To make things a bit more open, you could specify a bind address of 0.0.0.0:</p>
 
-  Net::SSH.start( 'host', :proxy =&gt; proxy ) do |session|
-    ...
-  end
-</pre>
-	<p>Note that currently, only basic authentication is supported; in the future, digest authentication may be added for proxies that support it.</p>
+	<div class='figure'>
+<span class='caption'>Specifying the bind address when forwarding a remote port [ruby]</span>
+<div class='body'><link rel='stylesheet' type='text/css' href='stylesheets/ruby.css' /><div class='ruby'><pre><span class="ident">session</span><span class="punct">.</span><span class="ident">forward</span><span class="punct">.</span><span class="ident">remote_to</span><span class="punct">(</span> <span class="number">80</span><span class="punct">,</span> <span class="punct">'</span><span class="string">www.google.com</span><span class="punct">',</span> <span class="number">1234</span><span class="punct">,</span> <span class="punct">'</span><span class="string">0.0.0.0</span><span class="punct">'</span> <span class="punct">)</span></pre></div></div></div>
    </div>
 
 
 
      <h2>
-       <a name="s3"></a>
-       6.3. <span class="caps">SOCKS</span>
+       <a name="s4"></a>
+       6.4. Direct Channels
      </h2>
 
    
 
    <div class="section">
-     <p>In addition to the <span class="caps">HTTP</span> proxy, Net::SSH also supports <span class="caps">SOCKS</span> proxies (both versions 4 and 5). Their usage is almost identical to the <span class="caps">HTTP</span> version (except <span class="caps">SOCKS4</span> does not use passwords, just user names):</p>
-
+     <p>Sometimes it might be nice to programmatically simulate a network connection on a local port and have it forwarded to the remote host. You can do this by means of the <code>#direct_channel</code> method.</p>
+
+	<p>The <code>#direct_channel</code> method looks similar to <code>#local</code>: the first three parameters are the local port to simulate the connection from, and the remote host and port that the connection should be forwarded to. The fourth parameter, however, is a <em>handler</em>, an object that is used as a callback for a variety of different events.</p>
+
+	<p>The handler for the <code>#direct_channel</code> method may implement any of the following callbacks (all are optional, though you probably want to implement at least one or two of them):</p>
+
+	<table class="list">
+		<tr>
+			<th>Callback </th>
+			<th>Description </th>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>confirm</code> </td>
+			<td> This is invoked when the channel has been opened and the remote host has confirmed it. This accepts four parameters: the channel itself, the local port, remote host, and remote port. (In this way, the same handler may be used for multiple forward requests.)</td>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>process</code> </td>
+			<td> After the channel has been confirmed, this is invoked, to process the channel. This callback will be invoked in a new Thread, so that if your handler needs to listen to a socket and then send data received from it over the channel, it can do so without blocking the main loop. The callback accepts a single parameter, the channel handle itself.</td>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>on_close</code> </td>
+			<td> This is called when the channel over which this forwarded connection is being processed has been closed. The callback accepts a single parameter, the channel itself.</td>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>on_eof</code> </td>
+			<td> When the remote machine indicates it will send no more data, this callback will be invoked. It accepts a single parameter, the channel itself.</td>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>on_receive</code> </td>
+			<td> This is invoked when data is received from the remote machine. It accepts two parameters: the channel handle, and the data that was received.</td>
+		</tr>
+	</table>
+
+
+
+	<p>For example, the following example pretends to be a client that has connected to the local host on a forwarded port:</p>
+
+	<div class='figure'>
+<span class='caption'>Using a handler object to mimic a forwarded port [ruby]</span>
+<div class='body'><table border='0' cellpadding='0' cellspacing='0'><tr><td class='lineno'>1<br />2<br />3<br />4<br />5<br />6<br />7<br />8<br />9<br />10<br />11<br />12<br />13<br />14<br />15<br />16<br />17<br /></td><td width='100%'><link rel='stylesheet' type='text/css' href='stylesheets/ruby.css' /><div class='ruby'><pre><span class="keyword">class </span><span class="class">Handler</span>
+  <span class="keyword">def </span><span class="method">on_receive</span><span class="punct">(</span> <span class="ident">channel</span><span class="punct">,</span> <span class="ident">data</span> <span class="punct">)</span>
+    <span class="ident">puts</span> <span class="punct">&quot;</span><span class="string">got data: </span><span class="expr">#{data.inspect}</span><span class="punct">&quot;</span>
+    <span class="ident">channel</span><span class="punct">.</span><span class="ident">send_data</span> <span class="punct">&quot;</span><span class="string">subsequent request</span><span class="punct">&quot;</span>
+  <span class="keyword">end</span>
+
+  <span class="keyword">def </span><span class="method">process</span><span class="punct">(</span> <span class="ident">channel</span> <span class="punct">)</span>
+    <span class="ident">channel</span><span class="punct">.</span><span class="ident">send_data</span> <span class="punct">&quot;</span><span class="string">initial request</span><span class="punct">&quot;</span>
+  <span class="keyword">end</span>
+<span class="keyword">end</span>
+
+<span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">.</span><span class="ident">start</span><span class="punct">(</span> <span class="punct">'</span><span class="string">host</span><span class="punct">'</span> <span class="punct">)</span> <span class="keyword">do</span> <span class="punct">|</span><span class="ident">session</span><span class="punct">|</span>
+  <span class="ident">session</span><span class="punct">.</span><span class="ident">forward</span><span class="punct">.</span><span class="ident">direct_channel</span><span class="punct">(</span> <span class="number">1234</span><span class="punct">,</span> <span class="punct">'</span><span class="string">somewhere.else.net</span><span class="punct">',</span>
+    <span class="number">4321</span><span class="punct">,</span> <span class="constant">Handler</span><span class="punct">.</span><span class="ident">new</span> <span class="punct">)</span>
+
+  <span class="ident">session</span><span class="punct">.</span><span class="ident">loop</span>
+<span class="keyword">end</span></pre></div></td></tr></table></div></div>
+
+	<p>The local port number for <code>#direct_channel</code> has no real purpose, other than to report to the <span class="caps">SSH</span> server that the &#8220;virtual&#8221; connection occurred on that port.</p>
+   </div>
 
-<pre>
-  require 'net/ssh'
-  require 'net/ssh/proxy/socks4'
-  require 'net/ssh/proxy/socks5'
 
-  proxy_host = 'my.proxy.com'
-  proxy_port = 1080
-  proxy_user = 'my-name'
-  proxy_password = 'my-password'
 
-  socks4 = Net::SSH::Proxy::SOCKS4.new( proxy_host, proxy_port,
-              :user =&gt; proxy_user )
+     <h2>
+       <a name="s5"></a>
+       6.5. Remote-to-Local Handlers
+     </h2>
 
-  socks5 = Net::SSH::Proxy::SOCKS5.new( proxy_host, proxy_port,
-              :user =&gt; proxy_user,
-              :password =&gt; proxy_password)
+   
 
-  Net::SSH.start( 'host', :proxy =&gt; socks4 ) do |session|
-    ...
-  end
-</pre>
+   <div class="section">
+     <p>You can use handlers going in the other direction, too. If you want to programmatically process forwarded data from a remote host, you can use the <code>#remote</code> method.  This takes two parameters, with an optional third parameter. The two required parameters are the handler to use, and the remote port that should be listened to. The optional parameter is the remote bind address, which defaults to &#8216;127.0.0.1&#8217;.</p>
+
+	<p>(Incidentally, if the port is 0, a new port will be allocated for you automatically by the server.)</p>
+
+	<p>Whenever connections are received on the remote port, they will be forwarded to the handler, which may implement the following callbacks:</p>
+
+	<table class="list">
+		<tr>
+			<th>Callback </th>
+			<th>Description </th>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>error</code> </td>
+			<td> This is invoked if the forward could not be initiated. It accepts a single parameter, which is the error message. </td>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>on_close</code> </td>
+			<td> This is invoked when the channel that was assigned to process this forwarded connection has been closed. The callback takes one parameter: the channel itself. </td>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>on_eof</code> </td>
+			<td> This is invoked when the remote end of the connection has promised not to send any more data. The local end of the channel may continue to send data, however. This callback takes on parameter: the channel itself.</td>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>on_open</code> </td>
+			<td> This is invoked when a new connection is received over the forwarded channel. It accepts five parameters: the channel object, the connected address, the connected port, the originator address, and the originator port. </td>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>on_receive</code> </td>
+			<td> This is invoked when data is received over the channel from the remote connection. It accepts two parameters: the channel object, and the data that was received. </td>
+		</tr>
+		<tr>
+			<td style="vertical-align:top;text-align:center;"><code>setup</code> </td>
+			<td> This is invoked immediately after the forward request has been acknowledged as successful. It accepts a single parameter, which is the port that was assigned to this forward. If the port parameter to <code>#remote</code> was not 0, then that same value will be passed to the callback. Otherwise, the newly allocated port number will be passed to the callback. </td>
+		</tr>
+	</table>
+
+
+
+	<p>Note that the <code>on_receive</code> handler is required&#8212;all other callbacks may remain unimplemented by the handler.</p>
    </div>
 
 
 
+<div class="bottom"><div class="prevnext">
+  
+    <a href="chapter-5.html">Previous (5. User Shells)</a> |
+  
+  <a href="index.html">Up</a>
+  
+    | <a href="chapter-7.html">Next (7. Using Proxies)</a>
+  
+</div></div>
+
 
         </div>
 

data/doc/manual-html/chapter-7.html

@@ -0,0 +1,331 @@
+<html>
+  <head>
+    <title>Net::SSH Manual :: Chapter 7: Using Proxies</title>
+    <link type="text/css" rel="stylesheet" href="stylesheets/manual.css" />
+  </head>
+  
+  <body>
+    <div id="banner">
+      <table border='0' cellpadding='0' cellspacing='0' width='100%'>
+        <tr><td valign='top' align='left'>
+          <div class="title">
+            <span class="product">Net::SSH&mdash;</span><br />
+            <span class="tagline">Secure Shell for Ruby</span>
+          </div>
+        </td><td valign='middle' align='right'>
+          <div class="info">
+            Net::SSH Version: <strong>0.9.0</strong><br />
+            Manual Last Updated: <strong>2005-01-11 21:39 GMT</strong>
+          </div>
+        </td></tr>
+      </table>
+    </div>
+
+    <table border='0' width='100%' cellpadding='0' cellspacing='0'>
+      <tr><td valign='top'>
+
+        <div id="navigation">
+          <h1>Net::SSH Manual</h1>
+
+          <h2>Chapters</h2>
+          <ol type="I">
+          
+            <li>
+                <a href="chapter-1.html">
+                Introduction
+                </a>
+                
+              <ol type="1">
+                
+                  <li><a href="chapter-1.html#s1">What is Net::SSH?</a></li>
+                
+                  <li><a href="chapter-1.html#s2">What isn&#8217;t Net::SSH?</a></li>
+                
+                  <li><a href="chapter-1.html#s3">Getting Net::SSH</a></li>
+                
+                  <li><a href="chapter-1.html#s4">License Information</a></li>
+                
+                  <li><a href="chapter-1.html#s5">Support</a></li>
+                
+                  <li><a href="chapter-1.html#s6">About the Author</a></li>
+                
+              </ol>
+            </li>
+          
+            <li>
+                <a href="chapter-2.html">
+                Starting a Session
+                </a>
+                
+              <ol type="1">
+                
+                  <li><a href="chapter-2.html#s1">Using Net::SSH.start</a></li>
+                
+                  <li><a href="chapter-2.html#s2">Using a Public/Private Key</a></li>
+                
+                  <li><a href="chapter-2.html#s3">Options</a></li>
+                
+                  <li><a href="chapter-2.html#s4">Using Net::SSH::Session</a></li>
+                
+              </ol>
+            </li>
+          
+            <li>
+                <a href="chapter-3.html">
+                Channels
+                </a>
+                
+              <ol type="1">
+                
+                  <li><a href="chapter-3.html#s1">What are Channels?</a></li>
+                
+                  <li><a href="chapter-3.html#s2">Session.loop</a></li>
+                
+                  <li><a href="chapter-3.html#s3">Channel Types</a></li>
+                
+                  <li><a href="chapter-3.html#s4">Opening a Channel</a></li>
+                
+                  <li><a href="chapter-3.html#s5">Callbacks</a></li>
+                
+                  <li><a href="chapter-3.html#s6">Channel Operations</a></li>
+                
+              </ol>
+            </li>
+          
+            <li>
+                <a href="chapter-4.html">
+                Executing Commands
+                </a>
+                
+              <ol type="1">
+                
+                  <li><a href="chapter-4.html#s1">Using Channels</a></li>
+                
+                  <li><a href="chapter-4.html#s2">Using #process.open</a></li>
+                
+                  <li><a href="chapter-4.html#s3">Using #process.popen3</a></li>
+                
+              </ol>
+            </li>
+          
+            <li>
+                <a href="chapter-5.html">
+                User Shells
+                </a>
+                
+              <ol type="1">
+                
+                  <li><a href="chapter-5.html#s1">Introduction</a></li>
+                
+                  <li><a href="chapter-5.html#s2">Using Channels</a></li>
+                
+                  <li><a href="chapter-5.html#s3">Shell Service</a></li>
+                
+                  <li><a href="chapter-5.html#s4">SyncShell Service</a></li>
+                
+                  <li><a href="chapter-5.html#s5">Terminal Clients</a></li>
+                
+              </ol>
+            </li>
+          
+            <li>
+                <a href="chapter-6.html">
+                Port Forwarding
+                </a>
+                
+              <ol type="1">
+                
+                  <li><a href="chapter-6.html#s1">Introduction</a></li>
+                
+                  <li><a href="chapter-6.html#s2">Local-to-Remote</a></li>
+                
+                  <li><a href="chapter-6.html#s3">Remote-to-Local</a></li>
+                
+                  <li><a href="chapter-6.html#s4">Direct Channels</a></li>
+                
+                  <li><a href="chapter-6.html#s5">Remote-to-Local Handlers</a></li>
+                
+              </ol>
+            </li>
+          
+            <li><strong>
+                <a href="chapter-7.html">
+                Using Proxies
+                </a>
+                </strong> <big>&larr;</big>
+              <ol type="1">
+                
+                  <li><a href="chapter-7.html#s1">Introduction</a></li>
+                
+                  <li><a href="chapter-7.html#s2"><span class="caps">HTTP</span></a></li>
+                
+                  <li><a href="chapter-7.html#s3"><span class="caps">SOCKS</span></a></li>
+                
+              </ol>
+            </li>
+          
+          </ol>
+
+          <h2>Other Documentation</h2>
+
+          <ul>
+            <li><a href="http://net-ssh.rubyforge.org/api/index.html">Net::SSH API</a></li>
+            <li><a href="http://rubyforge.org/tracker/?atid=1842&group_id=274&func=browse">Net::SSH FAQ</a></li>
+          </ul>
+
+          <h2>Tutorials</h2>
+          <ol>
+          
+          </ol>
+
+          <p align="center"><strong>More To Come...</strong></p>
+
+          <div class="license">
+            <a href="http://creativecommons.org/licenses/by-sa/2.0/"><img alt="Creative Commons License" border="0" src="http://creativecommons.org/images/public/somerights" /></a><br />
+            This manual is licensed under a <a href="http://creativecommons.org/licenses/by-sa/2.0/">Creative Commons License</a>.
+          </div>
+        </div>
+
+      </td><td valign='top' width="100%">
+
+        <div id="content">
+
+           <div class="top"><div class="prevnext">
+  
+    <a href="chapter-6.html">Previous (6. Port Forwarding)</a> |
+  
+  <a href="index.html">Up</a>
+  
+</div></div>
+
+<h1>7. Using Proxies</h1>
+
+
+
+     <h2>
+       <a name="s1"></a>
+       7.1. Introduction
+     </h2>
+
+   
+
+   <div class="section">
+     <p>Many times, you may find yourself behind a firewall, unable to <span class="caps">SSH</span> out. In such instances, you can often take advantage of your existing proxies to tunnel an <span class="caps">SSH</span> connection through your firewall.</p>
+   </div>
+
+
+
+     <h2>
+       <a name="s2"></a>
+       7.2. <span class="caps">HTTP</span>
+     </h2>
+
+   
+
+   <div class="section">
+     <p>If you have an <span class="caps">HTTP</span> proxy running, you may be able to use it to your advantage.  The following snippet demonstrates how to tunnel an <span class="caps">SSH</span> connection through an <span class="caps">HTTP</span> proxy:</p>
+
+	<div class='figure'>
+<span class='caption'>Tunnelling an SSH connection over HTTP [ruby]</span>
+<div class='body'><table border='0' cellpadding='0' cellspacing='0'><tr><td class='lineno'>1<br />2<br />3<br />4<br />5<br />6<br />7<br />8<br />9<br />10<br /></td><td width='100%'><link rel='stylesheet' type='text/css' href='stylesheets/ruby.css' /><div class='ruby'><pre><span class="ident">require</span> <span class="punct">'</span><span class="string">net/ssh</span><span class="punct">'</span>
+<span class="ident">require</span> <span class="punct">'</span><span class="string">net/ssh/proxy/http</span><span class="punct">'</span>
+
+<span class="ident">proxy_host</span> <span class="punct">=</span> <span class="punct">'</span><span class="string">my.proxy.com</span><span class="punct">'</span>
+<span class="ident">proxy_port</span> <span class="punct">=</span> <span class="number">8080</span>
+<span class="ident">proxy</span> <span class="punct">=</span> <span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">::</span><span class="constant">Proxy</span><span class="punct">::</span><span class="constant">HTTP</span><span class="punct">.</span><span class="ident">new</span><span class="punct">(</span> <span class="ident">proxy_host</span><span class="punct">,</span> <span class="ident">proxy_port</span> <span class="punct">)</span>
+
+<span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">.</span><span class="ident">start</span><span class="punct">(</span> <span class="punct">'</span><span class="string">host</span><span class="punct">',</span> <span class="symbol">:proxy</span> <span class="punct">=&gt;</span> <span class="ident">proxy</span> <span class="punct">)</span> <span class="keyword">do</span> <span class="punct">|</span><span class="ident">session</span><span class="punct">|</span>
+  <span class="punct">...</span>
+<span class="keyword">end</span></pre></div></td></tr></table></div></div>
+
+	<p>As you can see, you first create an instance of the proxy you want to use. (This flexibility allows for other proxy types to be supported, although at present only <span class="caps">HTTP</span> and <span class="caps">SOCKS</span> are available.)</p>
+
+	<p>Once you&#8217;ve created your proxy, you just start your <span class="caps">SSH</span> session, as usual, except you also pass a <code>:proxy</code> option. The proxy will then be used to obtain a connection to the remote host.</p>
+
+	<p>Note: If your proxy does not allow connects to be made to other hosts on port 22, then you&#8217;ll have to do some magic to allow <span class="caps">SSH</span> connections on your remote host on ports other than 22. Port forwarding on that remote host (from itself, to itself), can help you there.</p>
+
+	<p>For instance, if your proxy disallows connections to any port except (say) 443, you could run the following command on the remote host:</p>
+
+	<div class='figure'>
+<span class='caption'>Forwarding a port using the ssh command [shell]</span>
+<div class='body'><link rel='stylesheet' type='text/css' href='stylesheets/shell.css' /><div class='shell'><pre>ssh -gL 443:localhost:22 localhost</pre></div></div></div>
+
+	<p>Then, as long as that command is running, port 443 will always be forwarded to port 22.  Naturally, this means that you must run this command while you have access to the box; if you can&#8217;t access that machine in the first place (ie, because you&#8217;re behind a firewall), then it does you no good.</p>
+
+	<h3>Proxy Authentication</h3>
+
+	<p>Some proxies require authentication. Net::SSH supports these proxies as well. If you specify the user name either as a <code>:user</code> option to the <span class="caps">HTTP</span> proxy constructor, or in the <code>HTTP_PROXY_USER</code> or <code>CONNECT_USER</code> environment variables, that name will be used to authenticate with the proxy. Likewise, the password may be given either via the <code>:password</code> constructor option, or via the <code>HTTP_PROXY_PASSWORD</code> or <code>CONNECT_PASSWORD</code> environment variables.</p>
+
+	<div class='figure'>
+<span class='caption'>Using HTTP proxy authentication [ruby]</span>
+<div class='body'><table border='0' cellpadding='0' cellspacing='0'><tr><td class='lineno'>1<br />2<br />3<br />4<br />5<br />6<br />7<br />8<br />9<br />10<br />11<br />12<br />13<br />14<br />15<br /></td><td width='100%'><link rel='stylesheet' type='text/css' href='stylesheets/ruby.css' /><div class='ruby'><pre><span class="ident">require</span> <span class="punct">'</span><span class="string">net/ssh</span><span class="punct">'</span>
+<span class="ident">require</span> <span class="punct">'</span><span class="string">net/ssh/proxy/http</span><span class="punct">'</span>
+
+<span class="ident">proxy_host</span> <span class="punct">=</span> <span class="punct">'</span><span class="string">my.proxy.com</span><span class="punct">'</span>
+<span class="ident">proxy_port</span> <span class="punct">=</span> <span class="number">8080</span>
+<span class="ident">proxy_user</span> <span class="punct">=</span> <span class="punct">'</span><span class="string">my-name</span><span class="punct">'</span>
+<span class="ident">proxy_password</span> <span class="punct">=</span> <span class="punct">'</span><span class="string">my-password</span><span class="punct">'</span>
+
+<span class="ident">proxy</span> <span class="punct">=</span> <span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">::</span><span class="constant">Proxy</span><span class="punct">::</span><span class="constant">HTTP</span><span class="punct">.</span><span class="ident">new</span><span class="punct">(</span> <span class="ident">proxy_host</span><span class="punct">,</span> <span class="ident">proxy_port</span><span class="punct">,</span>
+            <span class="symbol">:user</span> <span class="punct">=&gt;</span> <span class="ident">proxy_user</span><span class="punct">,</span>
+            <span class="symbol">:password</span> <span class="punct">=&gt;</span> <span class="ident">proxy_password</span> <span class="punct">)</span>
+
+<span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">.</span><span class="ident">start</span><span class="punct">(</span> <span class="punct">'</span><span class="string">host</span><span class="punct">',</span> <span class="symbol">:proxy</span> <span class="punct">=&gt;</span> <span class="ident">proxy</span> <span class="punct">)</span> <span class="keyword">do</span> <span class="punct">|</span><span class="ident">session</span><span class="punct">|</span>
+  <span class="punct">...</span>
+<span class="keyword">end</span></pre></div></td></tr></table></div></div>
+
+	<p>Note that currently, only basic authentication is supported; in the future, digest authentication may be added for proxies that support it.</p>
+   </div>
+
+
+
+     <h2>
+       <a name="s3"></a>
+       7.3. <span class="caps">SOCKS</span>
+     </h2>
+
+   
+
+   <div class="section">
+     <p>In addition to the <span class="caps">HTTP</span> proxy, Net::SSH also supports <span class="caps">SOCKS</span> proxies (both versions 4 and 5). Their usage is almost identical to the <span class="caps">HTTP</span> version (except <span class="caps">SOCKS4</span> does not use passwords, just user names):</p>
+
+	<div class='figure'>
+<span class='caption'>Using SOCKS proxies [ruby]</span>
+<div class='body'><table border='0' cellpadding='0' cellspacing='0'><tr><td class='lineno'>1<br />2<br />3<br />4<br />5<br />6<br />7<br />8<br />9<br />10<br />11<br />12<br />13<br />14<br />15<br />16<br />17<br />18<br />19<br /></td><td width='100%'><link rel='stylesheet' type='text/css' href='stylesheets/ruby.css' /><div class='ruby'><pre><span class="ident">require</span> <span class="punct">'</span><span class="string">net/ssh</span><span class="punct">'</span>
+<span class="ident">require</span> <span class="punct">'</span><span class="string">net/ssh/proxy/socks4</span><span class="punct">'</span>
+<span class="ident">require</span> <span class="punct">'</span><span class="string">net/ssh/proxy/socks5</span><span class="punct">'</span>
+
+<span class="ident">proxy_host</span> <span class="punct">=</span> <span class="punct">'</span><span class="string">my.proxy.com</span><span class="punct">'</span>
+<span class="ident">proxy_port</span> <span class="punct">=</span> <span class="number">1080</span>
+<span class="ident">proxy_user</span> <span class="punct">=</span> <span class="punct">'</span><span class="string">my-name</span><span class="punct">'</span>
+<span class="ident">proxy_password</span> <span class="punct">=</span> <span class="punct">'</span><span class="string">my-password</span><span class="punct">'</span>
+
+<span class="ident">socks4</span> <span class="punct">=</span> <span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">::</span><span class="constant">Proxy</span><span class="punct">::</span><span class="constant">SOCKS4</span><span class="punct">.</span><span class="ident">new</span><span class="punct">(</span> <span class="ident">proxy_host</span><span class="punct">,</span> <span class="ident">proxy_port</span><span class="punct">,</span>
+            <span class="symbol">:user</span> <span class="punct">=&gt;</span> <span class="ident">proxy_user</span> <span class="punct">)</span>
+
+<span class="ident">socks5</span> <span class="punct">=</span> <span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">::</span><span class="constant">Proxy</span><span class="punct">::</span><span class="constant">SOCKS5</span><span class="punct">.</span><span class="ident">new</span><span class="punct">(</span> <span class="ident">proxy_host</span><span class="punct">,</span> <span class="ident">proxy_port</span><span class="punct">,</span>
+            <span class="symbol">:user</span> <span class="punct">=&gt;</span> <span class="ident">proxy_user</span><span class="punct">,</span>
+            <span class="symbol">:password</span> <span class="punct">=&gt;</span> <span class="ident">proxy_password</span><span class="punct">)</span>
+
+<span class="constant">Net</span><span class="punct">::</span><span class="constant">SSH</span><span class="punct">.</span><span class="ident">start</span><span class="punct">(</span> <span class="punct">'</span><span class="string">host</span><span class="punct">',</span> <span class="symbol">:proxy</span> <span class="punct">=&gt;</span> <span class="ident">socks4</span> <span class="punct">)</span> <span class="keyword">do</span> <span class="punct">|</span><span class="ident">session</span><span class="punct">|</span>
+  <span class="punct">...</span>
+<span class="keyword">end</span></pre></div></td></tr></table></div></div>
+   </div>
+
+
+
+<div class="bottom"><div class="prevnext">
+  
+    <a href="chapter-6.html">Previous (6. Port Forwarding)</a> |
+  
+  <a href="index.html">Up</a>
+  
+</div></div>
+
+
+        </div>
+
+      </td></tr>
+    </table>
+  </body>
+</html>