1

By terminal I am able to SSH multiple times to connect to the server:

(client--->gateway--->server1---->server2---)

But now to do it through JSch library of Java, how to go about it? First tried portforwarding, but on terminal I am not doing that (not setting -R -L parameters in ssh).

Then I came across question How to SSH to a server behind another SSH server using JSch?, but I don't understand how to create tcp tunnel!

Community
  • 1
  • 1
curio17
  • 660
  • 1
  • 6
  • 15

1 Answers1

0

Port-forwarding is the best way to go.

You do not do port forwarding in the terminal, as you connect to the second section manually by typing the ssh command. While you can automate that using JSch, it is not really a reliable way to try to simulate a human being. If you want to replace the first ssh (terminal) step with JSch, for the same reason you do not want to use ssh for the second step. The accepted answer in the question you link to also discourages you from trying that. While when everything goes ok, it might work. But once any problem steps in, your will have troubles dealing with it automatically. For example, you can hardly automate host key verification for the second server.

The SSH tunnel is port forwarding. But maybe the mentioned ProxySSH (which does not seem to exists anymore) did internally without opening a local port, but used the "port forwarding" channel directly by the second session. But that's a way too complicated to implement. Stick with simple port forwarding.

For a complete example, see:
JSch multiple tunnels/jumphosts

Martin Prikryl
  • 188,800
  • 56
  • 490
  • 992
  • I know that port forwarding is the only way in jsch, can you give some resources to do this multi hop tunnelling ? – curio17 May 21 '16 at 02:58
  • I'm not aware of such resource. First, make sure you are able to do even a [single-hop port forwarding](http://stackoverflow.com/q/37357602/850848). – Martin Prikryl May 21 '16 at 05:55
  • I am able to do single hop – curio17 May 21 '16 at 19:20
  • Well, your other question looks like you are not. Unless by a "single hop" you mean a direct connection. – Martin Prikryl May 21 '16 at 19:33
  • I am able to connect to the gateway(immediate server). But from there when I port forward and try to create a session on the next server, It says connection closed by foreign host. – curio17 May 22 '16 at 02:37
  • Sure, that's what I've meant by "direct connection". I've asked you for additional information in your other question. You didn't provide any, so far. – Martin Prikryl May 22 '16 at 05:46