Author: Pahaz Blinov
Repo: https://github.com/pahaz/sshtunnel/
Inspired by https://github.com/jmagnusson/bgtunnel but it doesn't work on Windows.
See also: https://github.com/paramiko/paramiko/blob/master/demos/forward.py
Require paramiko.
pip install sshtunnel
or
easy_install sshtunnel
Useful when you need to connect to local port on remote server through ssh
tunnel. It works by opening a port forwarding ssh connection in the
background, using threads. The connection(s) are closed when explicitly
calling the close method of the returned SSHTunnelForwarder object.
----------------------------------------------------------------------
|
-------------+ | +----------+ +---------
LOCAL | | | REMOTE | | PRIVATE
SERVER | <== SSH ========> | SERVER | <== local ==> | SERVER
-------------+ | +----------+ +---------
|
FIREWALL
----------------------------------------------------------------------
Fig1: How to connect to PRIVATE SERVER throw SSH tunnel.
from sshtunnel import SSHTunnelForwarder
server = SSHTunnelForwarder(
('pahaz.urfuclub.ru', 22),
ssh_username="pahaz",
ssh_password="secret",
remote_bind_address=('127.0.0.1', 5555))
server.start()
print(server.local_bind_port)
# work with `SECRET SERVICE` throw `server.local_bind_port`.
server.stop()
Example of a port forwarding for the Vagrant MySQL local port:
from sshtunnel import SSHTunnelForwarder
from time import sleep
with SSHTunnelForwarder(
('localhost', 2222),
ssh_username="vagrant",
ssh_password="vagrant",
remote_bind_address=('127.0.0.1', 3306)) as server:
print(server.local_bind_port)
while True:
# press Ctrl-C for stopping
sleep(1)
print('FINISH!')
Or simple use CLI:
python -m sshtunnel -U vagrant -P vagrant -L :3306 -R 127.0.0.1:3306 -p 2222 localhost
This is an incomplete list of arguments. See __init__() method of SSHTunnelForwarder class in sshtunnel.py for a full list.
Accepts a paramiko.ProxyCommand object which all SSH traffic will be passed through. See either the paramiko.ProxyCommand documentation or ProxyCommand in ssh_config(5) for more information.
Note ssh_proxy overrides any ProxyCommand sourced from the user's ssh_config.
Note ssh_proxy is ignored if ssh_proxy_enabled != True.
If true (default) and the user's ssh_config file contains a ProxyCommand directive that matches the specified ssh_address_or_host (or first positional argument) SSHTunnelForwarder will create a paramiko.ProxyCommand object which all SSH traffic will be passed through. See the ssh_proxy argument for more details.
- Cameron Maske
- Gustavo Machado
- Colin Jermain
- J.M. Fernández - (big thanks!)
- Lewis Thompson
- Erik Rogers
- Write tests!
- add
ssh_proxyargument, as well asssh_config(5)ProxyCommandsupport (lewisthompson)
- fix issuse #24 - hide ssh password in logs (pahaz)
- fix default port issuse #19 (pahaz)
- fix CLI issues/13 (pahaz)
- daemon mode by default for all threads (fernandezcuesta, pahaz) - incompatible
- move
make_ssh_forward_servertoSSHTunnelForwarder.make_ssh_forward_server(pahaz, fernandezcuesta) - incompatible - move
make_ssh_forward_handlertoSSHTunnelForwarder.make_ssh_forward_handler_class(pahaz, fernandezcuesta) - incompatible - rename
opentoopen_tunnel(fernandezcuesta) - incompatible - add CLI interface (fernandezcuesta)
- support opening several tunnels at once (fernandezcuesta)
- improve stability and readability (fernandezcuesta, pahaz)
- improve logging (fernandezcuesta, pahaz)
- add
raise_exception_if_any_forwarder_have_a_problemargument for opening several tunnels at once (pahaz) - add
ssh_config_fileargument support (fernandezcuesta) - add Python 3 support (fernandezcuesta, pahaz)
- add
threadedoptions (cameronmaske) - fix exception error message, correctly printing destination address (gdmachado)
- fix pip install fails (cjermain, pahaz)
SSHTunnelForwarderclass (pahaz)openfunction (pahaz)