douzhui8531 2019-07-09 13:00
浏览 392

如何执行简单的SSH x11转发

I'm trying to implement ssh x11 forwarding in Go, referring to Paramiko's source, but it does not work well.

The x11-req request seems to be successful, but fails with OpenChannel. Isn't there any better way?

https://tools.ietf.org/html/rfc4254#section-6.3.2

The full code is here.

https://gist.github.com/blacknon/6e2e6e2c0ebcd64c381925f0e3e86e42

package main

(omit)

func main() {
    // Create sshClientConfig
    sshConfig := &ssh.ClientConfig{
        User: user,
        Auth: []ssh.AuthMethod{
            ssh.Password(pass),
        },
        HostKeyCallback: ssh.InsecureIgnoreHostKey(),
    }

    // SSH connect.
    client, err := ssh.Dial("tcp", host+":"+port, sshConfig)

    // Create Session
    session, err := client.NewSession()
    defer session.Close()

    // NOTE:
    // x11-req Payload
    payload := x11request{
        SingleConnection: false,
        AuthProtocol:     string("MIT-MAGIC-COOKIE-1"),
        AuthCookie:       string("d92c30482cc3d2de61888961deb74c08"),
        ScreenNumber:     uint32(0),
    }

    // NOTE:
    // send x11-req Request
    ok, err := session.SendRequest("x11-req", true, ssh.Marshal(payload))
    if err == nil && !ok {
        fmt.Println(errors.New("ssh: x11-req failed"))
    }
    fmt.Printf("x11-req: %v
", ok)
    fmt.Println("-----")

    // x11 OpenChannel (Not working...)
    x11Data := x11channel{
        Host: "localhost",
        Port: uint32(6000),
    }

    sshChan, req, x11err := client.OpenChannel("x11", ssh.Marshal(x11Data))
    fmt.Println(sshChan) // DEBUG
    fmt.Println(req)     // DEBUG
    fmt.Println(x11err)  // DEBUG

    (omit)
}

I added sshd side debug log.

sshd[1811]: debug1: server_input_channel_req: channel 0 request x11-req reply 1
sshd[1811]: debug1: session_by_channel: session 0 channel 0
sshd[1811]: debug1: session_input_channel_req: session 0 req x11-req
sshd[1811]: debug1: channel 1: new [X11 inet listener]
sshd[1811]: debug1: channel 2: new [X11 inet listener]
sshd[1811]: debug1: server_input_channel_open: ctype x11 rchan 1 win 2097152 max 32768
sshd[1811]: debug1: server_input_channel_open: failure x11

Thanks guys! Thanks to it, I was able to implement it safely. Have a working code.

https://gist.github.com/blacknon/9eca2e2b5462f71474e1101179847d2a

  • 写回答

1条回答 默认 最新

  • douchao1957 2019-07-09 16:58
    关注
    // x11 OpenChannel (Not working...)
x11Data := x11channel{
    Host: "localhost",
    Port: uint32(6000),
}

sshChan, req, x11err := client.OpenChannel("x11", ssh.Marshal(x11Data))

    The fundamental issue here is that X11 forwarding channels are initiated from the SSH server to the SSH client. You're trying to open an X11 channel from the client to the server. This isn't supported by your server, and it isn't the usual way to use X forwarding.

    I'm not a go programmer. But after looking the documentation, after your send your x11-req it looks like you would call client.HandleChannelOpen() to receive X11 channel requests coming from the server.

    More background: To be clear, start with the terminology. Your program is an ssh client and it connects to an ssh server. With X, the server is the program which controls a display, keyboard, and mouse. X clients are programs like xterm and xeyes which connect to a server to display windows and do similar things.

    When you want to forward X11 through SSH, the ssh client will send an X11 request to the ssh server. This tells the server that the client wants X11 forwarding for the connection. The server will perform some setup and open a TCP listening port to receive connections from X clients.

    When an X client connects to the ssh server's X11 listening port, the ssh server will open a channel back to the ssh client. The ssh client will connect to the local X server, and the ssh client and ssh server will relay data between the X server (local to the ssh client host) and the X client (local to the ssh server host). Each channel handles a single X client.

    So a program such as yours has to send a request to the server, signalling that your program wants to forward X11 through the ssh connection. The actual x11 channels will be opened on demand from the ssh server to the ssh client when an X client tries to use the forwarded X11 service.

    评论

报告相同问题?

悬赏问题

  • ¥15 运筹学排序问题中的在线排序
  • ¥15 关于docker部署flink集成hadoop的yarn,请教个问题 flink启动yarn-session.sh连不上hadoop,这个整了好几天一直不行,求帮忙看一下怎么解决
  • ¥30 求一段fortran代码用IVF编译运行的结果
  • ¥15 深度学习根据CNN网络模型,搭建BP模型并训练MNIST数据集
  • ¥15 C++ 头文件/宏冲突问题解决
  • ¥15 用comsol模拟大气湍流通过底部加热(温度不同)的腔体
  • ¥50 安卓adb backup备份子用户应用数据失败
  • ¥20 有人能用聚类分析帮我分析一下文本内容嘛
  • ¥30 python代码,帮调试,帮帮忙吧
  • ¥15 #MATLAB仿真#车辆换道路径规划