SSH multi-channel TCP agent method based on WebSocket

A multi-channel technology applied in the field of network security, achieving good compatibility and practicability, with good encapsulation and concealment effects.

Active Publication Date: 2019-05-17
CHENGDU DBAPP SECURITY

AI Technical Summary

Problems solved by technology

[0006] The purpose of the present invention is to provide a WebSocket-based SSH multi-channel TCP proxy method for solving the problem of safe and efficient TCP transmission in complex networks.


Examples


Embodiment 1

[0055] The present invention is realized through the following technical solution. As shown in Figures 1-2, a WebSocket-based SSH multi-channel TCP proxy method specifically includes the following steps:

[0056] Step F1: the client establishes a WebSocket connection with the server;

[0057] Step F2: the client and the server use the established WebSocket connection to establish an SSH connection;

[0058] Step F3: The client establishes a TCP proxy according to the configuration and waits for the TCP connection;

[0059] Step F4: The user accesses the address and port of the client for TCP access, creates a new TCP connection and opens the SSH channel, and the client sends the TCP connection data stream to the server through the SSH channel;

[0060] Step F5: The server monitors the sending and receiving information, creates a new channel, and receives the transfer proxy configuration rules of the client; sends out a TCP connection request according to the proxy con...

Embodiment 2

[0066] This embodiment is further optimized on the basis of the above embodiment. As shown in Figures 1-2, step F1 specifically includes the following steps:

[0067] Step F11: the HTTP server on the server listens and supports WebSocket upgrade;

[0068] Step F12: The client connects to the HTTP server listening port of the server, and the client and the server negotiate to upgrade to a WebSocket connection.

[0069] The client includes a WebSocket client module, and the server includes a WebSocket service module. The WebSocket client module is responsible for creating a new WebSocket connection, buffering the data stream it carries, copying the data stream, and connecting to the SSH client. The WebSocket service module listens for and accepts WebSocket connection requests, buffers the data stream it carries, copies the data stream, and connects to the SSH server.

[0070] I...

Embodiment 3

[0073] This embodiment is further optimized on the basis of the above embodiments. As shown in Figures 1-2, step F2 specifically includes the following steps:

[0074] Step F21: After the server successfully establishes the WebSocket connection, use the WebSocket connection to establish an SSH server on the server;

[0075] Step F22: The SSH server establishes and loads an SSH connection service module, an SSH authentication service module, and an SSH channel management module;

[0076] Step F23: the SSH authentication service module loads the authentication configuration information of the server, and waits for a connection request from the client;

[0077] Step F24: After successfully establishing the WebSocket connection, the client uses the WebSocket connection to establish an SSH client at the client;

[0078] Step F25: The SSH client establishes and loads an SSH connection control module, an SSH authentication request module, and an SSH channel request ...
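What steps F1 and F2 look like from an inspection point, as an added example that is not part of the patent text: it decodes RFC 6455 WebSocket frames and flags a stream whose first data message begins with the SSH identification string of RFC 4253. It assumes the inspector sees plaintext frames (for example after TLS termination) and that the SSH bytes travel unmodified in binary frames, which the page does not specify; all function names and sample frames are constructed for illustration.

```python
SSH_IDENT = b"SSH-2.0-"  # RFC 4253 section 4.2: an SSH client sends this first

def parse_frames(buf):
    """Decode the complete RFC 6455 frames in buf -> [(opcode, payload), ...]."""
    frames, i = [], 0
    while len(buf) - i >= 2:
        opcode = buf[i] & 0x0F
        masked, length = buf[i + 1] & 0x80, buf[i + 1] & 0x7F
        j = i + 2
        if length in (126, 127):              # extended 16-bit / 64-bit length
            n = 2 if length == 126 else 8
            if len(buf) - j < n:
                break
            length = int.from_bytes(buf[j:j + n], "big")
            j += n
        key = buf[j:j + 4] if masked else b""
        j += len(key)
        if (masked and len(key) < 4) or len(buf) - j < length:
            break                             # truncated frame: stop decoding
        payload = buf[j:j + length]
        if masked:                            # client-to-server frames are masked
            payload = bytes(c ^ key[k % 4] for k, c in enumerate(payload))
        frames.append((opcode, payload))
        i = j + length
    return frames

def carries_ssh(buf):
    """True if the data frames in buf, reassembled, begin with an SSH banner.
    Assumption: SSH bytes are carried as-is in binary frames."""
    data = b""
    for opcode, payload in parse_frames(buf):
        if opcode in (0x0, 0x2):              # continuation or binary; skips text, ping, pong
            data += payload
    return data.startswith(SSH_IDENT)

def make_frame(payload, opcode=0x2, key=None, fin=True):
    """Build one constructed sample frame (payload under 65536 bytes)."""
    n = len(payload)
    head = bytes([n]) if n < 126 else bytes([126]) + n.to_bytes(2, "big")
    if key:                                   # set MASK bit, append key, mask payload
        head = bytes([head[0] | 0x80]) + head[1:] + key
        payload = bytes(c ^ key[k % 4] for k, c in enumerate(payload))
    return bytes([(0x80 if fin else 0) | opcode]) + head + payload

# Constructed samples: a banner fragmented around a ping, and a plain text message.
KEY = b"\x11\x22\x33\x44"
TUNNEL = (make_frame(b"SSH-", key=KEY, fin=False)
          + make_frame(b"", opcode=0x9, key=KEY)
          + make_frame(b"2.0-example\r\n", opcode=0x0, key=KEY))
CHAT = make_frame(b'{"msg":"hello"}', opcode=0x1, key=KEY)
```

Because the method keeps a single long-lived connection between client and server, a check like this only needs to examine the first data message of each WebSocket session.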


Abstract

The invention discloses a WebSocket-based SSH multi-channel TCP proxy method and relates to the technical field of network security. A WebSocket connection is established between a client and a server, and an SSH channel is then established over the WebSocket connection. The client establishes and connects a TCP proxy according to the proxy configuration rule. When the user accesses the TCP proxy, the connection between the user and the TCP proxy is completed, an SSH channel is opened, and the client sends the TCP connection data stream to the server through the SSH channel. The server listens for and establishes a new channel arriving over the SSH channel, receives the client's proxy configuration rule, initiates a TCP connection request to an external remote server according to that rule, and copies the data stream to the new channel. The corresponding data from the remote server is returned along the original path. The method is used for solving the problem of safe and efficient TCP transmission in a complex network: the intermediate channel between the client and the server is a WebSocket negotiated over HTTP and therefore has good penetrability, and only one TCP connection needs to be kept in the intermediate channel, so its encapsulation and concealment are very good.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a WebSocket-based SSH multi-channel TCP proxy method.

Background technique

[0002] With the rapid development of the SDN industry, SDN technology is not only widely used in physical switching networks but is also deeply integrated into cloud computing and containerized applications. This has broken the traditional network structure: the network structure can be described and redefined by rules, and the complexity of the entire network has increased unprecedentedly. However, in complex networks, layer 2-7 traffic is usually analyzed and controlled for purposes such as traffic shaping and acceleration and application security risk control, which makes the credibility of complex networks and the connectivity between network elements issues that need to be solved at the same time.

[0003] The HTTP protocol is the most widely used network protocol on the Inte...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/08
Inventors: 姜毅, 范渊, 吴永越, 郑学新, 刘韬
Owner: CHENGDU DBAPP SECURITY