agebrock / tunnel-ssh Goto Github PK

Right now keepAlive is "all or nothing" - what about if it's a number, that's the amount of time after the last closure to shut down the tunnel?

Shouldn't server.close() take a callback when all of the connections have been shut down? I notice that you call end() on the underlying connections, but if they return false, don't wait for continue.

This may be the source of errors in a test suite I have, which is getting sporadic hanging and/or errors when it opens and closes many connections. Also, I will be deploying to aws lambda, and do want to know if I really have a crisp shutdown without any data lost, without having to linger if connection is already closed.

https://travis-ci.org/agebrock/tunnel-ssh

How do you shutdown a tunnel? I'd like to be able to open a tunnel, run a mysql/mongo query, get the results, and shutdown the tunnel.

I didn't see any methods in index.js to provide such a feature, thoughts?

Hi I'm trying to connect using your sample code. But I'm using a 4096 bit rsa key (openssh) and I'm getting the following error -

Error: Cannot parse privateKey: Unsupported key format

Error: Cannot parse privateKey: Unsupported key format at Client.connect (~/sshtunnel/node_modules/ssh2/lib/client.js:146:13) at start (~/sshtunnel/node_modules/tunnel-ssh/lib/tunnel.js:36:14) at Client.client.createStream (~/sshtunnel/node_modules/tunnel-ssh/lib/tunnel.js:64:12) at Server.<anonymous> (~/sshtunnel/node_modules/tunnel-ssh/lib/tunnel.js:148:12) at Server.g (events.js:260:16) at emitNone (events.js:67:13) at Server.emit (events.js:166:7) at emitListeningNT (net.js:1260:10) at doNTCallback1 (node.js:430:9) at process._tickCallback (node.js:352:17) at Function.Module.runMain (module.js:469:11) at startup (node.js:136:18) at node.js:963:3

Thanks in advance for your help.

Before a few weeks ago, I used tunnel.tunnel to map remote port to localhost. However, now the docs suggest to do just tunnel. However, when I just do tunnel instead of tunnel.tunnel, it gives me this error:

tunnel(config, function(e, sshTunnel) {
^

TypeError: tunnel is not a function

However, when I use tunnel.tunnel instead, it doesn't give a syntax error -- but, the callback in the function is not called at all.

I'm using version 3.2.1-beta. Is this a version issue?

I am trying to capture the ready event from the connection but the function tunnel.reverse() always return undefined.

var conn = tunnel.reverse({
  host: host,
  username: 'root',
  dstHost: '0.0.0.0', // bind to all interfaces (see hint in the readme)
  dstPort: dstPort,
  //localHost: '127.0.0.1', // default
  //localPort: localPort
}, function(error, clientConnection) {
  console.log(clientConnection._forwarding);
});

//This fails since conn is undefined
conn.on('ready', function(){
}); 

var sshTunnel = this.tunnel({
        host: 'xxxx',
        sshPort: 22,
        dstPort: 3305,
        username: 'xxxx',
        privateKey: require('fs').readFileSync('/Users/alex/.ssh/id_rsa'),
        keepAlive: true
}, function(error, result) {

        console.log('Connected to SSH mysql tunnel', result);
});

Throws Error: Encrypted private key detected, but no passphrase given

Currently I am using these two modules

• Websockify; webSocket to TCP proxy javascript for Node.js

• plink.exe; SSH client with port redirect for windows

In order to open a web socket connection with a remote VNC server (port 5900). To achieve that currently I use plink to create a ssh tunnel to a remote VNC server and redirect the remote port 5900 over ssh tunnel.

This is the plink command I execute:

plink.exe -L 3333:localhost:5900 -i key.ppk user@remotehost -pw passphrase

And I would like to integrate that plink functionality into the websockify script.

Would that be possible with tunnel-ssh?
Thanks in advance :)

When I try to establish concurrent connections through the same ssh tunnel using a tunnel-ssh module in low vpn speed access, after about 10 connections, I start to receive ECONNRESET error. This error leads to many CLOSE_WAIT tcp connections (netstat) that remain blocked forever. I ran this scenario using node versions 7, 8, 10 and 11.

The error happens in outbound connections (sshConnection). Once it take place, the outbound connection receives "close" event that does not reflect the inbound connection (netConnection), that remains active. Even if I try to close the tunnel (what is not desirable, since I may have healthy connections in it) it does not emit close event, probably keeping this tunnel locked, since the server side still has established incoming connections. Checking server object is possible to verify that it has active connections (same amount in CLOSE_WAIT state).

The error that the application receives is related to the tunnel itself and does not distinguish any specific connection, so it is not possible to easily pinpoint and close the failed connections in application level. In this situation the event:

netConnection.emit('sshConnection', sshConnection, netConnection);

is not set, since sshConnection ready event never ocurred, because of the error. If this line is moved out of the "sshConnection.on ready" context, it will be possible to bind netConnection to sshConnection in this situation.

Another idea is to treat sshConnection close event, destroying netConnection associated to it. Note that by my tests netConnection.end() method is not enough to clear the connection reference in server object, only netConnection.destroy() makes it.

As a workaround I saved aside all connections received in "netConnection" event, until I receive ECONNRESET in the application. I timed out for a while to wait for tcp states to be changed, then checked /proc/net/tcp for CLOSE_WAIT connections. I compare them to the netConnections I was notified and force netConnection.destroy() to release it. Pretty ugly workaround, but it seems to be working for me.

I hope this can be helpfull to fix this problem

Thanks in advance

When you try to create tunnel with server configured to use MFA it's not possible to enter the code and connect. Any idea to sove that?

Is it possible to tunnel several ports with single connection to the server?

I think debug dependency should be updated again, if you check using nsp will give an vulnerability error, because unfortunately you've chose a low level risk version

> nsp check

remote:                
remote:        (+) 1 vulnerabilities found        
remote:        ┌───────────────┬─────────────────────────────────────────────────────────────────┐        
remote:        │               │ Regular Expression Denial of Service                            │        
remote:        ├───────────────┼─────────────────────────────────────────────────────────────────┤        
remote:        │ Name          │ debug                                                           │        
remote:        ├───────────────┼─────────────────────────────────────────────────────────────────┤        
remote:        │ CVSS          │ 3.7 (Low)                                                       │        
remote:        ├───────────────┼─────────────────────────────────────────────────────────────────┤        
remote:        │ Installed     │ 2.6.0                                                           │        
remote:        ├───────────────┼─────────────────────────────────────────────────────────────────┤        
remote:        │ Vulnerable    │ <= 2.6.8 || >= 3.0.0 <= 3.0.1                                   │        
remote:        ├───────────────┼─────────────────────────────────────────────────────────────────┤        
remote:        │ Patched       │ >= 2.6.9 < 3.0.0 || >= 3.1.0                                    │        
remote:        ├───────────────┼─────────────────────────────────────────────────────────────────┤        
remote:        │ Path          │ [email protected] > [email protected] > [email protected] … │        
remote:        ├───────────────┼─────────────────────────────────────────────────────────────────┤        
remote:        │ More Info     │ https://nodesecurity.io/advisories/534                          │        
remote:        └───────────────┴─────────────────────────────────────────────────────────────────┘

Hi

I've applied code to a MEAN.JS stack app which goes like this:

var config = {
    username:'jorge',
    host:'127.0.0.1',
    agent : process.env.SSH_AUTH_SOCK,
    privateKey:require('fs').readFileSync('/Users/jorge/.ssh/id_rsa'),
    port:22,
    dstPort:27017,
	password:'xxxxxxxxx',
	passphrase:'yyyyyyyy'
};

var server = tunnel(config, function (error, server) {
    if(error){
        console.log("SSH connection error: " + error);
    }
    mongoose.connect('mongodb://localhost:27017/webapplication');

    var db = mongoose.connection;
    db.on('error', console.error.bind(console, 'DB connection error:'));
    db.once('open', function() {
        // we're connected!
        console.log("DB connection successful");
    });
		
	// Init the express application
	var app = require('./config/express')(db);
	
	// Start the app by listening on <port>
	app.listen(8443);
	
	// Expose app
	exports = module.exports = app;
});

MEAN.JS application started on port 22

Securely using https protocol

events.js:141
throw er; // Unhandled 'error' event
^

Error: read ECONNRESET
at exports._errnoException (util.js:907:11)
at TCP.onread (net.js:558:26)

Trying to connect to a remote RethinkDB server on Compose.io. Compose gives a specific port to connect to the ssh server. In a bash command like [email protected] -p XXXXX. I thought I could use the sshPort config variable like this

uiConfig =
  privateKey: key
  username: username
  sshPort: sshPort
  host: host
  srcHost: composeConfig.ip
  srcPort: composeConfig.uiPort
  dstPort: localConfig.uiPort
  dstHost: localConfig.ip
  keepAlive: true
uiTunnel = tunnel uiConfig, (e, uiTunnel)->
  if e
    console.log 'TUNNEL ERROR >>>>', e.message
  else
    console.log 'UI TUNNEL CONNECTED'

When the server connects I get
Error: getaddrinfo ENOTFOUND [email protected] [email protected]:22

Is this because config.sshPort is defaulting to port 22?

I have a couple of suggestions:

• avoid tunnel() altering (adding) the config properties (i have noticed that that in some cases). This might create regression issues for those who are relying on this undocumented functionality.
• instead, what about adding a config property/method to the Server object returned by tunnel(), so the original config params can be retrieved from the tunnel itself?

Samples in documentation define callback as:

var server = tunnel({host: '172.16.0.8', dstPort: 3306}, function (error, result) {

but tunnel() code calls the callback as (result, error):

  try {
    var config = createConfig(configArgs);
  } catch ( e ) {
    if (callback) {
      callback(null, e);
    } else {

I initially had an issue with privateKey because I naively thought I could pass a string path to a privkey, but this would throw Error: Cannot parse privateKey: Unsupported key format from inside ssh2. I ultimately got it to work by using fs and loading the file that way. It might be worth mentioning this in the examples.

(I'd happily submit a PR using this technique in conjunction with a new field like privateKeyPath or something but that would add a dependency on fs.)

Thanks for this package!

TypeError: Object #<Object> has no method 'then'
    at Object.createTunnel [as reverseTunnel] (/Users/scriby/sourcecode/test/node_modules/tunnel-ssh/lib/reverse.js:7:45)

Line 7 of reverse.js is return cfg.setReverseDefaults(userConfig).then(function(config) {.

As far as I can tell setReverseDefaults does not return a promise, so this code errors.

When passing the incorrect private key file, the error thrown("Error: All configured authentication methods failed") is not captured inside the function callback. But able to capture it as part of "error" event outside callback.

let tunnelsshConfig = {
username: sshUserName,
host: sshHostName,
port: 22,
dstHost: '127.0.0.1',
dstPort: 27017,
localHost: '127.0.0.1',
localPort: xxxx8,
privateKey: privateKeyFile
}

tunnel(tunnelsshConfig, function(sshError, mongoServer) {
if (sshError) {
console.log("sshError");
console.log(error);
dbConnectStatus = "false";
callback(null);
} else {
console.log("Successful Connection");
// Successful Code
}
});

Calling mongoose.connect inside of tunnel callback seems to be causing authentication errors. If i remove mongoose.connect no error are displayed.

I have also tried to use monk instead of mongoose but the same error pops up when monk('user:pass@localhost:port/mydb') is called

const tunnel_config = {
	username:'user',
	Password:'XXX',
	host: 'XX.XXX.XXX.XXX',
	dstHost: '127.0.0.1',
	port: 22,
	localPort: 27017,
	dstPort: 27017,
	localHost: '127.0.0.1'
};

const mongoInfo = {
    user: 'XXXX',
    pass: 'XXXXX',
    port: 27017,
    uri: '127.0.0.1',
    db: 'XXX'
}

const db_info = `${mongoInfo.user}:${mongoInfo.pass}@${mongoInfo.uri}:${mongoInfo.port}/${mongoInfo.db}`;


let connection = tunnel(tunnel_config, function (error, connection) {
    
    if(error){
        console.log("SSH connection error: " + error);
	}
    
    mongoose.connect('mongodb://user:[email protected]:27017/XXX'); //this here seems to be causing the error
   monk('user:pass@localhost:port/mydb')  // causes same error
});

{ Error: All configured authentication methods failed
    at tryNextAuth (/Users/ivan/Workspace/Bitbucket/p-004-analysis/step_01/node_modules/ssh2/lib/client.js:376:17)
    at SSH2Stream.onUSERAUTH_FAILURE (/Users/ivan/Workspace/Bitbucket/p-004-analysis/step_01/node_modules/ssh2/lib/client.js:587:5)
    at SSH2Stream.emit (events.js:160:13)
    at parsePacket (/Users/ivan/Workspace/Bitbucket/p-004-analysis/step_01/node_modules/ssh2-streams/lib/ssh.js:3929:10)
    at SSH2Stream._transform (/Users/ivan/Workspace/Bitbucket/p-004-analysis/step_01/node_modules/ssh2-streams/lib/ssh.js:669:13)
    at SSH2Stream.Transform._read (_stream_transform.js:185:10)
    at SSH2Stream._read (/Users/ivan/Workspace/Bitbucket/p-004-analysis/step_01/node_modules/ssh2-streams/lib/ssh.js:251:15)
    at SSH2Stream.Transform._write (_stream_transform.js:173:12)
    at doWrite (_stream_writable.js:407:12)
    at writeOrBuffer (_stream_writable.js:393:5)
    at SSH2Stream.Writable.write (_stream_writable.js:290:11)
    at Socket.ondata (_stream_readable.js:646:20)
    at Socket.emit (events.js:160:13)
    at addChunk (_stream_readable.js:269:12)
    at readableAddChunk (_stream_readable.js:256:11)
    at Socket.Readable.push (_stream_readable.js:213:10) level: 'client-authentication' }

Is this possible with tunnel-ssh?

I've done similar things with proxies, but was hoping to do something completely in code for development and testing.

Here is my question on Stack Overflow

I basically want to run a node script on my local machine (a) that will connect to a remote server (b) and then make api requests to another server (c) as if they came from (b).

Thanks! and sorry for polluting your issue board with this question.

We have a few attributes available in the config that are not clearly diffentiated:

host
port
dstHost
dstPort
localHost
localPort

How do I connect my localhost (127.0.0.1)
to a remote server (10.10.10.10, username: foo, password: bar)
with a MySQL instance (mysql user: foo, mysql pass: bar, mysql db: my_db, mysql port: 2222)?

In command line, I can do: ssh -L 2222:localhost:2222 [email protected], and then enter my password. Then in NodeJS, I would just connect to MySQL on port 2222 since it is tunneled.

how to connect to mongodb server via ssh tunnel with Proxy Jump (Bastion Host)

`Host host1
  Hostname xxxxxx.us-east-1.elb.amazonaws.com
  Port 2222
  User xxxx
  IdentityFile ~/.ssh/cert
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null
  KeepAlive yes
  ServerAliveInterval 30
  ServerAliveCountMax 30

Host test2
  Hostname xx.xxx.xx.xxx
  ProxyCommand  ssh.exe host1  -q -W %h:%p host1
  User ubuntu
  IdentityFile ~/.ssh/cert
  KeepAlive yes
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null
  ServerAliveInterval 30
  ServerAliveCountMax 30

`

I have an ssh config file like this. I have a proxy jump to host1 from test2.

var config = {
    username:'ubuntu',
    host:'xx.xxx.xx.xxx',
    agent : process.env.SSH_AUTH_SOCK,
    privateKey:require('fs').readFileSync('~/.ssh/cert'),
    port:22,
    dstPort:27017
};

var server = tunnel(config, function (error, server) {
  
});

how can I enter ProxyCommand details here?

When I try to forward a local port to a remote host with this module and some hosts refuse to connect and I get the following error (DEBUG):

   Error: (SSH) Channel open failure: Connection refused
       at SSH2Stream.onFailure (c:\vncclient\node_modules\ssh2\lib\client.js:1186:13)
       at Object.onceWrapper (events.js:315:30)
       at emitOne (events.js:116:13)
       at SSH2Stream.emit (events.js:211:7)
       at parsePacket (c:\vncclient\node_modules\ssh2-streams\lib\ssh.js:3708:10)
       at SSH2Stream._transform (c:\vncclient\node_modules\ssh2-streams\lib\ssh.js:669:13)
       at SSH2Stream.Transform._read (_stream_transform.js:186:10)
       at SSH2Stream._read (c:\vncclient\node_modules\ssh2-streams\lib\ssh.js:251:15)
       at SSH2Stream.Transform._write (_stream_transform.js:174:12)
       at doWrite (_stream_writable.js:387:12) +0ms

the 'ready' event is hit but then the forwardOut() fails and therefore the sshstream cannot be piped to the connection.

This is my implementation I provide the configuration and wait for the 'listening' event and then create a new connection to the tunnel.

   const config = {
        username: 'myuser',
        privateKey: fs.readFileSync('file.ppk'),
        passphrase: 'mypasphrase',
        host: target_host,
        dstPort: 5900,
        localPort: 0,
        localHost: 'localhost',
        readyTimeout: 99999,
        srcHost: 'localhost',
        port: 22,
    };
    sshtunnel = tunnel(config, function (error, server) {
        if (error) {console.log('error');
    });
    sshtunnel.on('listening', function () { 
        net.createConnection(sshtunnel.address().port, sshtunnel.address().address, function () {
        });
 });

The above code works with some hosts but others Refuse, and all host are identical. I already spent 3 full days on this issue.

This is the complete debug output from tunnel-ssh:

  tunnel-ssh sshConnection:ready +224ms
Error found on ssh tunnel: { Error: (SSH) Channel open failure: Connection refused
    at SSH2Stream.onFailure (c:\vncclient\node_modules\ssh2\lib\client.js:1186:13)
    at Object.onceWrapper (events.js:315:30)
    at emitOne (events.js:116:13)
    at SSH2Stream.emit (events.js:211:7)
    at parsePacket (c:\vncclient\node_modules\ssh2-streams\lib\ssh.js:3708:10)
    at SSH2Stream._transform (c:\vncclient\node_modules\ssh2-streams\lib\ssh.js:669:13)
    at SSH2Stream.Transform._read (_stream_transform.js:186:10)
    at SSH2Stream._read (c:\vncclient\node_modules\ssh2-streams\lib\ssh.js:251:15)
    at SSH2Stream.Transform._write (_stream_transform.js:174:12)
    at doWrite (_stream_writable.js:387:12) reason: 'CONNECT_FAILED', lang: '' }
  tunnel-ssh Destination port: { Error: (SSH) Channel open failure: Connection refused
    at SSH2Stream.onFailure (c:\vncclient\node_modules\ssh2\lib\client.js:1186:13)
    at Object.onceWrapper (events.js:315:30)
    at emitOne (events.js:116:13)
    at SSH2Stream.emit (events.js:211:7)
    at parsePacket (c:\vncclient\node_modules\ssh2-streams\lib\ssh.js:3708:10)
    at SSH2Stream._transform (c:\vncclient\node_modules\ssh2-streams\lib\ssh.js:669:13)
    at SSH2Stream.Transform._read (_stream_transform.js:186:10)
    at SSH2Stream._read (c:\vncclient\node_modules\ssh2-streams\lib\ssh.js:251:15)
    at SSH2Stream.Transform._write (_stream_transform.js:174:12)
    at doWrite (_stream_writable.js:387:12) reason: 'CONNECT_FAILED', lang: '' } +6ms 

I'm running on a windows server 2012 with Node.js version 8.9.0 and the remote hosts are Linux 2.6.15.

when using an encrypted private key following Error is thrown when using the example config from readme
throw new Error('Encrypted private key detected, but no passphrase given');

The readme suggests using "password" in the config, though "passphrase" is the correct key.

The version published on npm is out of date with master. For example this fix is currently not available on the npm package - 76379ea

Can you please publish a new version?

Thanks!

Sorry to trouble you .

Usually , I login in my reomte machine with ssh test , and do some job with mysql .But now I want to do this job in my local machine . I try to make it work , but I have trouble .

My ssh config is

Host test
    HostName 121.201.1.111
    User test
    Port 12528
    IdentityFile ~/.ssh/id_rsa

My remote mysql config is

    host: 'localhost',
    user: 'db_test',
    password: 'db_password',
    database: 'db_name',

And all my code is here

var tunnel = require('tunnel-ssh');
var  mysql = require('mysql');
  var server = tunnel({
      host: '121.201.1.111',
      dstPort: 12528
    }, function (error, result) {
      if(error) {
        return console.log(error)
      }
      // This is ok ,  
      console.log('connected',result);

       // this is not work
      var connection = new mysql.createConnection({
        host: 'localhost',
        database: "db_name",
        user: "db_test",
        password: "db_password"
      });

      var sql = "select count(*) as total from accounts  ";

      connection.query(sql, function(err, rows, fields) {
        if (err) {
            console.log(err);
            return ;
        }
        console.log(rows)
      });
  });

I can connect with my ssh machine ,but i can't connect with mysql . What the problem is ?

The error is like below , when i changed mysql host from localhost to 121.201.1.111

{ [Error: connect ETIMEDOUT]
  errorno: 'ETIMEDOUT',
  code: 'ETIMEDOUT',
  syscall: 'connect',
  fatal: true }

or below , when the host is localhost

[Error: ER_ACCESS_DENIED_ERROR: Access denied for user 'db_test'@'localhost' (using password: YES)]
  code: 'ER_ACCESS_DENIED_ERROR',
  errno: 1045,
  sqlState: '28000',
  fatal: true }

Hope you can help me . Thanks a lot .

Hi all,
I am trying to make two configs so that I could use Neo4j database. However, I don't know whether I can do that or not, here is my code:

const neo4j = require('neo4j-driver').v1;
const sshTunnel = require('tunnel-ssh');
const path = require('path');
const fs = require('fs')


const directoryPath = path.join(__dirname, '../my-private-key');

const configA = {
    host: 'my-ssh-host',
    port: 22,

    username: 'my-ssh-userName',
    privateKey: fs.readFileSync(directoryPath),
    passphrase: 'my-passphrase',

    dstHost: 'my-ssh-host',
    dstPort: 7474,

    localHost: 'localhost',
    localPort: 7474,

    keepAlive: true
};

// console.log(fs.readFileSync(directoryPath))

const configB = {
    host: 'my-ssh-host',
    port: 22,

    username: 'my-ssh-userName',
    privateKey: fs.readFileSync(directoryPath),
    passphrase: 'my-passphrase',

    dstHost: 'my-ssh-host',
    dstPort: 7687,

    localHost: 'localhost',
    localPort: 7687,

    keepAlive: true
};

const serverPortA = sshTunnel(configA, async  (error, server) => {
    if (error) {
        console.log("error")
    } else {
        // console.log(server)
    }
});

const serverPortB = sshTunnel(configB, async  (error, server) => {
    if (error) {
        console.log("error")
    } else {
        // console.log(server)
    }
});




exports.Neo4jTest = async (nodes) => {
    const driver = neo4j.driver("bolt://localhost", neo4j.auth.basic("userName", "password"));
    const session = driver.session();
    console.log(2)
    nodes.map(node => {
        session
            .run(
                'CREATE (a:MOVIE {name: $name, level: $level}) RETURN a',
                {
                    name: node.name,
                    level: node.level
                }
            )
            .then(result => {
                console.log(3)
                session.close();

                const singleRecord = result.records[0];
                const node = singleRecord.get(0);

                console.log('done')
                // on application exit:
                driver.close();
            })
            .catch(err => {
                console.log(4)
                console.log(err)
            });
    })

};

It was response nothing when I call the method Neo4jTest(). I don't know whether I can use sshTunnel object to make two ports as tunnel

Hi,

I have encountered an issue when using our package with node 10.8.0. I got this error:

D:\Code\Node JS\braces-easy-way\node_modules\ssh-tunnel\node_modules\require-dir\index.js:93
            if (!require.extensions.hasOwnProperty(ext)) {
                                    ^

TypeError: require.extensions.hasOwnProperty is not a function
    at requireDir (D:\Code\Node JS\braces-easy-way\node_modules\require-dir\index.js:93:37)
    at new App (D:\Code\Node JS\braces-easy-way\node_modules\ssh-tunnel\lib\app.js:38:19)
    at Object.<anonymous> (D:\Code\Node JS\braces-easy-way\node_modules\ssh-tunnel\lib\app.js:26:28)
    at Module._compile (internal/modules/cjs/loader.js:689:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:700:10)
    at Module.load (internal/modules/cjs/loader.js:599:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:538:12)
    at Function.Module._load (internal/modules/cjs/loader.js:530:3)
    at Module.require (internal/modules/cjs/loader.js:637:17)
    at require (internal/modules/cjs/helpers.js:20:18)

I did research a lot, but couldn't solve this problem.
So anyone has any solutions?
Thank you guys for helping and creating a wonderful package.

I'm trying to use this in conjunction with https://github.com/sidorares/node-mysql2 to connect to 2 different mysql servers on separate hosts, each via their own ssh tunnel.

However, what seems to happen is that as soon as the second connection is established, the first is dropped. I noticed the keepAlive setting, although this doesn't seem to do what I thought it would and the first connection are still dropped as soon as the second is opened.

Hi,

I'm using tunnel-ssh in a project and I found a critical issue on it, luckily the issue was already fixed however it's been a while since you don't generate a new version. Considering the commits after version 1.1.0 have breaking changes can you publish version 2.0.0 with all fixes?

In the meanwhile I will be pointing directly to your git repository (master branch).

Thanks!

Hi

I am getting an error after a connection is successfully connected. I am pretty sure the host is closing the connection, which is fine, but the error is not being caught in the .on error.

tunnel(config, function(){
   // I get here
}).on('error', function(error){
  // I dont get here
})

This is what I get as output when the app crashed:

events.js:141
      throw er; // Unhandled 'error' event
      ^

Error: read ECONNRESET
    at exports._errnoException (util.js:874:11)
    at TCP.onread (net.js:544:26)

Please, we need help to how use the new version 3 because the API is changed without notice.

var tunnel = require('tunnel-ssh');
var config = {
    username:'root',
    password:'secret',
    host:'remote.mysql.server.com',
    port:3306
}

tunnel(config, function(e, sshTunnel){
    //Now, you should be able to connect to the tunnel via localhost:3336.
});

This code is now:

var tunnel = require('tunnel-ssh');
var config = {
    username:'root',
    password:'secret',
    host:'remote.mysql.server.com',
    port:3306
}

tunnel.tunnel(config, function(e, sshTunnel){
    //Now, you should be able to connect to the tunnel via localhost:3336.
});

In trying to connect to a remote server, I have config that looks like this:

var server = tunnel({
    remoteHost: '127.0.0.1',
    remotePort: 3306,
    localPort: 33333,
    verbose: true,
    sshConfig: {
        host: 'REMOTE-IP',
        username: 'USER',
        port: 22,
        privateKey: require('fs').readFileSync('/key/to/id_rsa'),
    }
});

Every time I attempt to connect, it gives me the error Cannot read property 'localPort' of undefined.

What am I doing wrong here?

can I do a tunnel reverse?

The example in index.js doesn't work for me.

    server.on('sshStream', function (sshStream, sshConnection, netConnection, server) {
      console.log(server);

      sshStream.on('close', function () {
        console.log('TCP :: CLOSED');
        netConnection.end();
        server.close();
      });
    });

I've not been able to get tunnel-ssh to work. I always get a connection refused error. I'm using node v10.15.1.

Here is the output:

When using the exact same configuration for other SSH tasks it does work. Any help would be greatly appreciated.

Hello!

Right now I run this scenario:

1. Start connection with the wrong password
2. Callback called error=null
3. After some time (2 - 3 seconds) error event received

So, I need to start a timeout (it can be more than 3 seconds) to wait for a proper connection status.

My application wants to know a connection status (success/error) as soon as possible. What is the solution?

I'm trying to set up a tunel for another program I'm invoking via spawSync from child_process. I can get the tunnel to work correctly for node commands; however, poking around with strace and lsof, it looks like the node process never even opens the remote connection in this situation (it is listening on the local socket, and the program I'm invoking does seem to connect to it, but then gets stuck in what I think is the SSL handshake. The last lines of output before it hangs are:

socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 4
setsockopt(4, SOL_TCP, TCP_NODELAY, [1], 4) = 0
fcntl(4, F_SETFL, O_RDONLY|O_NONBLOCK)  = 0
fcntl(4, F_SETFD, FD_CLOEXEC)           = 0
setsockopt(4, SOL_SOCKET, SO_KEEPALIVE, [1], 4) = 0
connect(4, {sa_family=AF_INET, sin_port=htons(61578), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 EINPROGRESS (Operation now in progress)
poll([{fd=4, events=POLLOUT|POLLERR}], 1, -1) = 1 ([{fd=4, revents=POLLOUT}])
getsockopt(4, SOL_SOCKET, SO_ERROR, [0], [4]) = 0
getsockname(4, {sa_family=AF_INET, sin_port=htons(34016), sin_addr=inet_addr("127.0.0.1")}, [16]) = 0
poll([{fd=4, events=POLLOUT|POLLERR}], 1, -1) = 1 ([{fd=4, revents=POLLOUT}])
sendto(4, "\0\0\0\10\4\322\26/", 8, MSG_NOSIGNAL, NULL, 0) = 8
poll([{fd=4, events=POLLIN|POLLERR}], 1, -1

Any ideas what might be up? Or how to work around it?

I'm setting keepAlive: true and connecting to the server. After a successful connection, I turn off my Wifi, so tunnel throws an error. Then I turn on the Wifi and expecting my code to reconnect, but nothing happens. The listening port created on localhost by tunnel is kept open though.

Here is my code:

require! 'tunnel-ssh': tunnel

config =
    username: \mysshuser
    host: \example.com
    port: 1234 
    privateKey:require('fs').readFileSync("#{process.env.HOME}/.ssh/id_rsa")
    keep-alive: yes
    dst-host: \localhost
    dst-port: 5589

t = tunnel config, (err, server) ->
    if err
        console.error "Something went wrong while opening tunnel: ", err
    else
        console.log "Tunnel succeeded"

t.on \error, (err) ->
    console.error "something went wrong"

# my application code goes here

Why doesn't keepAlive keeps the connection alive after a network failure?

Hi, there are a couple of typos in the README.md examples. The user config option should be username, ie:

Under "Config example":

    var config = {
      user:'root',
      host:sshServer,
      port:22,
...

and under "Sugar configuration":

    var config = {
      user:'root',
      dstHost:destinationServer,
      dstPort:27017
    };

If you pass the user config option and not the username config option, the following is used by tunnel-ssh instead:

username: env.TUNNELSSH_USER || env.USER || env.USERNAME,

Which obviously may lead to authentication failures.

Thanks.

The following is my code. None of them are working.

the Error message is

hi Server {
  _events:
   [Object: null prototype] { connection: [Function], close: [Function] },
  _eventsCount: 2,
  _maxListeners: undefined,
  _connections: 0,
  _handle:
   TCP {
     reading: false,
     onread: null,
     onconnection: [Function: onconnection],
     [Symbol(owner)]: [Circular] },
  _usingWorkers: false,
  _workers: [],
  _unref: false,
  allowHalfOpen: false,
  pauseOnConnect: false,
  _connectionKey: '4:127.0.0.1:49000',
  [Symbol(asyncId)]: 13 }


{ Error: connect ETIMEDOUT 10.0.0.235:5432
    at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1083:14)
  errno: 'ETIMEDOUT',
  code: 'ETIMEDOUT',
  syscall: 'connect',
  address: '10.0.0.235',
  port: 5432 }

const fs = require('fs');
const pg = require('pg');
const Pool = pg.Pool;
const path = require('path');

/**
 * Load CONFIG to global
 */
const CONFIG = {}
require('../config')(CONFIG);


let pool, tnl; 
    
    const tunnel = require('tunnel-ssh');
    

    const sshConfig = {
        username: CONFIG.remote.user,
        host: CONFIG.remote.host,
        port: CONFIG.remote.port,
        privateKey: fs.readFileSync(path.join(__dirname, `/.ssh/${CONFIG.remote.privateKey}`)),
        keepaliveInterval: 60000,
        keepAlive: true,
        dstHost: CONFIG.db.host,
        dstPort: CONFIG.db.port,
        localPort: 54000,
    };

    console.log(sshConfig);
    

    tnl = tunnel(sshConfig, async function(error, server) {
        if(error){
            throw Error("SSH connection error: " + error);
        }

        console.log('hi', server);
        

      // Method 1:
        const connectionString = `postgres://friend:E@[email protected]/stellar_federation`;

        const client = new pg.Client(connectionString);
        client.connect();

        client.query( 'SELECT * FROM users ORDER BY id ASC')
        .then(query => {
            console.log(query);
        
            query.on('end', () => { client.end(); });
            
        })
        .catch(console.error);


       // Method2:
        pool = new Pool({
            host: CONFIG.db.host,
            port: CONFIG.db.port,
            user: CONFIG.db.user,
            password: CONFIG.db.password,
            database: CONFIG.db.database,
        })
        
        pool.query('SELECT * FROM users ORDER BY id ASC')
        .then( results => {
            if (error) {
                throw error
            }
            console.log("\n PostgreSQL is connected! \n", results);
        })
        .catch(console.error);
        
    });

module.exports = pool;

See mysqljs/mysql#1029.

The connection seems to be alright, but I get this error when i try to access a database on the :tunnelled" port:
Error: Cannot parse privateKey: Unsupported key format

I'm not able to dump through a tunnel to a mongodb server...

This works:
ssh -L 27018:localhost:27017 localhost -N
mongodump --port=27018

This not:

const tunnel = require('tunnel-ssh');
const config = {
  username: 'usr',
  password: 'pwd',
  host: 'localhost',
  port: 22,
  dstHost: 'localhost',
  dstPort: 27017,
  localPort: 27016
};
tunnel(config, (err, tnl) => {
  console.log(err);
});

mongodump --port=27016

My actual more real use case works not on localhost but something like this:
equivalent ssh command for tunnel: ssh -L 44041:remotemongoserver:44147 user@remotesshserver -p 2222 -N
mongodump command: mongodump --host=localhost --port=44041 --username=dbuser --password=dbpassword --db=mydb --out=/Users/adrai/Projects/my-backuper/backups && mv /Users/adrai/Projects/my-backuper/backups/mydb /Users/adrai/Projects/my-backuper/backups/app-readmodel
And this works like you expect with ssh cli.

Do I miss something?

Hi,

Thank you for this, this is awesome.

Two minor things:

• In README.md, an example sshConfig is given with a property called passphrase. That should be password to work properly.
• And from NPM there is no direct link to this Git-repo, that would be nice too!

https://github.com/agebrock/tunnel-ssh/blob/f88fc8ea6de3156806e272ecf7326aad54ff1a77/index.js#L94-#L96

when the callback will be executed? just after the net server to be listened? instead of ssh ready? I am confused

Hello
I would like to ask you to please add the licence of your choice for tunnel-ssh.

As I can see in NPM states MIT (same as ssh):
https://www.npmjs.com/package/tunnel-ssh

but it's not clearly indicated in this repository.

Why is this important for us?
We need to ensure that we are able to use this tool and the lack of LICENCE can lead to legal confusion besides that we need the copyright notice included in the LICENCE.

Sorry to be picky with this request but is really important for us.
P.S: adding-a-license-to-a-repository

Thank you

When I load the "privatekey" and establish a connection I get the following error message:
Error: Cannot parse privateKey: Unsupported key format

I load the "privatekey" as follows:
privateKey: require('fs').readFileSync('/root/.ssh/id_rsa', { encoding: 'utf8' }).trim()

The private key begins with:
-----BEGIN OPENSSH PRIVATE KEY-----

Is this a Bug or what I make false?