A websocket-based ssh multi-channel tcp proxy method

A multi-channel, channel technology, applied in the field of network security

Active Publication Date: 2021-08-20
CHENGDU DBAPP SECURITY

AI Technical Summary

Problems solved by technology

[0006] The purpose of the present invention is to provide a WebSocket-based SSH multi-channel TCP proxy method that solves the problem of safe and efficient TCP transmission in complex networks.

Examples


Embodiment 1

[0055] The present invention is realized through the following technical solution. As shown in Figures 1-2, a WebSocket-based SSH multi-channel TCP proxy method specifically includes the following steps:

[0056] Step F1: the client establishes a WebSocket connection with the server;

[0057] Step F2: the client and the server use the established WebSocket connection to establish an SSH connection;

[0058] Step F3: The client establishes a TCP proxy according to the configuration and waits for the TCP connection;

[0059] Step F4: The user accesses the address and port of the client for TCP access, creates a new TCP connection and opens the SSH channel, and the client sends the TCP connection data stream to the server through the SSH channel;

[0060] Step F5: The server monitors the sending and receiving information, creates a new channel, and receives the transfer proxy configuration rules of the client; sends out a TCP connection request according to the proxy con...

Embodiment 2

[0066] This embodiment is further optimized on the basis of the above embodiments. As shown in Figures 1-2, step F1 specifically includes the following steps:

[0067] Step F11: the HTTP server on the server monitors and supports WebSocket upgrade;

[0068] Step F12: The client connects to the HTTP server listening port of the server, and the client and the server negotiate to upgrade to a WebSocket connection.

[0069] The client includes a WebSocket client module, and the server includes a WebSocket service module. The WebSocket client module is responsible for creating a new WebSocket connection, providing a cache for the data stream it carries, copying the data stream, and connecting to the SSH client. The WebSocket service module is responsible for listening for and receiving WebSocket connection requests, providing a cache for the data stream it carries, copying the data stream, and connecting to the SSH server.

[0070] I...

Embodiment 3

[0073] This embodiment is further optimized on the basis of the above embodiments. As shown in Figures 1-2, step F2 specifically includes the following steps:

[0074] Step F21: After the server successfully establishes the WebSocket connection, use the WebSocket connection to establish an SSH server on the server;

[0075] Step F22: The SSH server establishes and loads an SSH connection service module, an SSH authentication service module, and an SSH channel management module;

[0076] Step F23: the SSH authentication service module loads the authentication configuration information of the server, and waits for a connection request from the client;

[0077] Step F24: After successfully establishing the WebSocket connection, the client uses the WebSocket connection to establish an SSH client at the client;

[0078] Step F25: The SSH client establishes and loads an SSH connection control module, an SSH authentication request module, and an SSH channel request ...
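To make the layering of Steps F1-F2 concrete, the following added example (not code from the patent or its owner) encodes and decodes WebSocket frames per RFC 6455 and checks whether the first data frame carries an SSH identification string (RFC 4253), which is what a proxy able to see the WebSocket payload would observe. It assumes the SSH byte stream is copied unmodified into frame payloads; the function names and the sample banner are constructed for illustration.

```python
import re

# SSH identification string that opens every SSH connection (RFC 4253, section 4.2)
SSH_ID = re.compile(rb"SSH-2\.0-[\x21-\x7e]+")

def build_frame(payload, opcode=0x2, mask_key=None):
    """Encode one unfragmented WebSocket frame (RFC 6455); masked if mask_key is set."""
    mbit, n = (0x80 if mask_key else 0), len(payload)
    if n < 126:
        head = bytes([0x80 | opcode, mbit | n])
    elif n < 65536:
        head = bytes([0x80 | opcode, mbit | 126]) + n.to_bytes(2, "big")
    else:
        head = bytes([0x80 | opcode, mbit | 127]) + n.to_bytes(8, "big")
    if mask_key:
        payload = bytes(b ^ mask_key[i % 4] for i, b in enumerate(payload))
        head += mask_key
    return head + payload

def parse_frame(buf):
    """Decode one frame: (opcode, payload, rest), or None if buf is incomplete."""
    if len(buf) < 2:
        return None
    opcode, masked, n = buf[0] & 0x0F, buf[1] & 0x80, buf[1] & 0x7F
    pos = 2
    if n in (126, 127):                      # extended 16- or 64-bit length
        width = 2 if n == 126 else 8
        if len(buf) < pos + width:
            return None
        n = int.from_bytes(buf[pos:pos + width], "big")
        pos += width
    key = buf[pos:pos + 4] if masked else b""
    pos += len(key)
    if (masked and len(key) < 4) or len(buf) < pos + n:
        return None
    payload = buf[pos:pos + n]
    if masked:                               # client-to-server frames are masked
        payload = bytes(b ^ key[i % 4] for i, b in enumerate(payload))
    return opcode, payload, buf[pos + n:]

def carries_ssh(stream):
    """True if the first data frame of the stream starts with an SSH banner."""
    while (frame := parse_frame(stream)) is not None:
        opcode, payload, stream = frame
        if opcode in (0x1, 0x2):             # text/binary; skip ping, pong, close
            return SSH_ID.match(payload) is not None
    return False

# Constructed sample: a client's first frame after the upgrade in Step F12
SAMPLE = build_frame(b"SSH-2.0-ExampleClient_1.0\r\n", mask_key=b"\x11\x22\x33\x44")
```

When the WebSocket runs inside TLS, this check only applies at a point where the traffic is decrypted; it also does not reassemble a banner split across fragmented frames.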


Abstract

The invention discloses a WebSocket-based SSH multi-channel TCP proxy method, which relates to the technical field of network security. A WebSocket connection is established between a client and a server, and an SSH channel is established over the WebSocket connection; the client establishes a TCP proxy according to proxy configuration rules; the user accesses the TCP proxy, which completes the connection between the user and the TCP proxy and opens the SSH channel, and the client sends the TCP connection data stream to the server through the SSH channel; the server monitors the SSH channel, establishes a new channel, receives the client's proxy configuration rules, initiates a TCP connection request to the external remote server according to the proxy configuration rules, and copies the data stream to the newly created channel; the corresponding data of the remote server is returned along the original path. The invention is used to solve the problem of safe and efficient TCP transmission in complex networks. The intermediate channel between the client and the server is based on WebSocket negotiated over HTTP, which has good penetration; the intermediate channel only needs to maintain one TCP connection, which gives good encapsulation and concealment.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a WebSocket-based SSH multi-channel TCP proxy method.

Background

[0002] With the rapid development of the SDN industry, SDN technology is not only widely used in physical switching networks but also deeply integrated into cloud computing and containerized applications. This has broken the traditional network structure: the network structure can be described and redefined by rules, and the complexity of the entire network has increased unprecedentedly. However, in complex networks, layer 2-7 traffic is usually analyzed and controlled for purposes such as traffic shaping and acceleration and application security risk control, which makes the credibility of complex networks and the connectivity between network elements issues that need to be solved at the same time.

[0003] The HTTP protocol is the most widely used network protocol on the Inte...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L29/08
Inventor: 姜毅, 范渊, 吴永越, 郑学新, 刘韬
Owner: CHENGDU DBAPP SECURITY