fieldrndservices / libssh2-labview

A LabVIEW library for SSH client support via libssh2
Apache License 2.0

TCP/IP Channel is not accessible by other programs or VIs #58

Open jwestra-carrastro opened 1 year ago

jwestra-carrastro commented 1 year ago

I am trying to create an SSH connection to a remote computer with an HTTP server running on port 80, and tunnel that server to my local computer's port 80. Using OpenSSH via the command prompt gives me the ability to do this, but I want to be able to open and close this connection at any point in my LabVIEW program, so System Exec VI will not work.

I created a LibSSH2 TCP/IP channel from local 127.0.0.1:80 to remote 127.0.0.1:80, but my browser is unable to connect to the remote HTTP server on localhost like it would be able to with command prompt forwarding. Is there a way to expose the TCP/IP channel created by the LibSSH2 VI to other programs on my computer?

volks73 commented 1 year ago

Thank you for your interest and usage of the LIBSSH2 for LabVIEW toolkit.

I am not really familiar with the port forwarding and tunneling capabilities of SSH and more specifically libssh2, so could you provide a little bit more context and information, possibly even a screenshot or VI snippet of the LabVIEW code you have tried so far, please?

> Is there a way to expose the TCP/IP channel created by the LibSSH2 VI to other programs on my computer?

Can you clarify, you want to share the SSH channel from within LabVIEW with another non-LabVIEW program? I believe that is not possible, and if possible, then it would most likely be very dangerous/unsecure, too. Maybe I am misunderstanding the question?

jwestra-carrastro commented 1 year ago

> I am not really familiar with the port forwarding and tunneling capabilities of SSH and more specifically libssh2, so could you provide a little bit more context and information, possibly even a screenshot or VI snippet of the LabVIEW code you have tried so far, please?

SSH can tunnel an IP and port from a local computer to a remote computer. For example, `ssh -L 192.168.0.4:8080:10.10.10.5:8081 USER@HOSTNAME` forwards 192.168.0.4:8080 on the local computer to 10.10.10.5:8081 on the remote computer, and vice-versa.

> Can you clarify, you want to share the SSH channel from within LabVIEW with another non-LabVIEW program?

Yes, if there is a TCP/IP server on the remote computer at 10.10.10.5:8081, I want to be able to use a channel node in LabVIEW to forward my local 192.168.0.4:8080 to that, so that in a different program I can connect a TCP/IP client to 192.168.0.4:8080 and have it reach that server.

> I believe that is not possible, and if possible, then would most likely be very dangerous/unsecure, too.

SSH tunneling is recommended by many IT professionals because it provides a secure, authenticated connection that a simple exposure to the internet would not provide. For example, if I published 10.10.10.5:8081 to the internet using the router on my remote computer, say by forwarding it to 172.268.41.35:8081 (public_ip:public_port), then anyone on the internet could access it. But by only forwarding that address and port over SSH connections, only people with trusted keys can access it (assuming the SSH server on the remote computer has been configured for key-based authorization only).

volks73 commented 1 year ago

There appears to be some confusion caused by the definition of "channel". In libssh2 and subsequently the LIBSSH2 for LabVIEW Toolkit, a "channel" is part of a SSH session within the libssh2 C code and ultimately LabVIEW code. In libssh2 terms there is:

  1. Connection: TCP/IP link between two computers (host and remote, or host and target)
  2. Session: a SSH context for a TCP/IP connection to be "elevated" to an encrypted communication
  3. Channel: Constructed within a SSH Session on the host machine after a TCP/IP connection has been "elevated"

I apparently misread your question and comments that you wanted to share the SSH Channel construct within the libssh2 C library with an external program or application on the host machine. This would be dangerous and difficult to do. I agree a SSH connection between host and remote machines is the best practice and is secure. Sharing resources, e.g. memory, between programs is complicated and dangerous. I would not recommend it.

As for creating a SSH tunnel with the libssh2 library and this LabVIEW toolkit, the libssh2 project offers a tcpip-forward example on their website. While it is in C, it at least demonstrates that it should be possible to forward a SSH connection, or tunnel, to another port. There is no similar LabVIEW example provided with the toolkit at this time, but all of the functions used in the libssh2 C library example exist in the LabVIEW toolkit. I have created a very rough translation of the libssh2 C library example into the following VI snippet:

[Image: TCPIP-Forward Template]

Hopefully this will help.
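
Added example, not part of the thread and not code from libssh2 or the toolkit: the local half of what `ssh -L` does, which is the piece that makes a tunnel reachable by other programs. The forwarding program owns a listening socket, accepts each client, and relays bytes to a channel. Here a `socketpair` stands in for the libssh2 channel and the remote server, and `pump`, `serve_forward`, `fake_channel` and `demo` are hypothetical names.

```python
import socket
import threading

def pump(src, dst):
    """Copy bytes src -> dst until src reaches EOF, then half-close dst."""
    try:
        while data := src.recv(4096):
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass

def serve_forward(open_channel, bind_host="127.0.0.1", bind_port=0):
    """Listen locally and relay each accepted client over a fresh channel.

    bind_host decides who can use the tunnel: loopback keeps it to this
    machine; a LAN address or 0.0.0.0 lets any host that can reach the port
    ride the already-authenticated SSH session.
    """
    lsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    lsock.bind((bind_host, bind_port))
    lsock.listen(5)
    def accept_loop():
        while True:
            client, _ = lsock.accept()
            chan = open_channel()  # real code: libssh2_channel_direct_tcpip_ex()
            for a, b in ((client, chan), (chan, client)):
                threading.Thread(target=pump, args=(a, b), daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return lsock

def demo():
    """Constructed stand-in: a socketpair plays the SSH channel + remote server."""
    def fake_channel():
        near, far = socket.socketpair()
        def remote():
            far.sendall(b"remote saw: " + far.recv(4096))
            far.close()
        threading.Thread(target=remote, daemon=True).start()
        return near
    host, port = serve_forward(fake_channel).getsockname()
    with socket.create_connection((host, port), timeout=5) as c:
        c.sendall(b"GET / HTTP/1.0\r\n\r\n")
        reply = b"".join(iter(lambda: c.recv(4096), b""))
    return host, reply

if __name__ == "__main__":
    print(demo())
```

With a real session, `pump` would call `libssh2_channel_read` and `libssh2_channel_write` on the channel side instead of socket `recv`/`sendall`.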