Skip to content
/ goxz Public

Go implementation of `ssh -D <port> <user>@<address> “ssh -R <remote-address>:<remote-port>:<address>:<port> <remote-user>@<remote-host> -p <remote-port>”`

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

aberestyak/goxz

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.github/workflows
.github/workflows
 
 
.vscode
.vscode
 
 
cmd/goxz
cmd/goxz
 
 
pkg/cmd
pkg/cmd
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

goxz

Tool for creating ssh reverse tunnel on remote host to local SOCKS server. server mode is equivalent of: ssh -D <port> <user>@<address> “ssh -R <remote-address>:<remote-port>:<address>:<port> <remote-user>@<remote-host> -p <remote-port>”

client mode is equivalent of: ssh -L <remote-address>:<remote-port>:<address>:<port> <remote-user>@<remote-host> -p <remote-port>”

Forward UDP traffic over TCP:

  • Open additional UDP endpoint (CLIENT_HOST_UDP:CLIENT_PORT_UDP) on client
  • Open additional TCP_UDP endpoint (SERVER_HOST_TCP_UDP:SERVER_PORT_TCP_UDP should be availiable from client!) on server
  • Client dials SERVER_HOST_TCP_UDP:SERVER_PORT_TCP_UDP and forward traffic from local UDP endpoint to this connection
  • Server forwards traffic from TCP_UDP enpoint to specified UDP remote host (REMOTE_HOST_UDP:REMOTE_PORT_UDP) and send response over TCP back to client

Usage

goxz <server/client>

Specify following mandatory environment variables:

Server side:

ENV Meaning
BASTION_HOST_SSH Address of remote ssh server
BASTION_PORT_SSH Port of remote ssh server
BASTION_SSH_USER User to login on remote ssh server
LOCAL_HOST_TCP TCP address on local machine to forward TCP traffic
LOCAL_PORT_TCP TCP port on local machine to forward TCP traffic
SERVER_HOST_TCP_UDP TCP address on local machine to forward TCP->UDP traffic (0.0.0.0 mainly)
SERVER_PORT_TCP_UDP TCP port on local machine to forward TCP->UDP traffic
REMOTE_HOST_UDP Remote host UDP address (DNS server, for example)
REMOTE_PORT_UDP Remote host UDP address (DNS server, for example)

If remote host interface not configured ipv6, always listen on 0.0.0.0, no matter of REMOTE_FORWARD_HOST. Issue

Client side

ENV Meaning
BASTION_HOST_SSH Address of remote ssh server
BASTION_PORT_SSH Port of remote ssh server
BASTION_SSH_USER User to login on remote ssh server
LOCAL_HOST_TCP TCP address on local machine to forward TCP traffic
LOCAL_PORT_TCP TCP port on local machine to forward TCP traffic
SERVER_HOST_TCP_UDP Server TCP address to forward TCP->UDP traffic
SERVER_PORT_TCP_UDP Server TCP port to forward TCP->UDP traffic
CLIENT_HOST_UDP UDP address on local machine to forward TCP->UDP traffic
CLIENT_PORT_UDP UDP port on local machine to forward TCP->UDP traffic

Also you must specify at least one of environment variables to use for authentication on remote ssh server:

ENV Meaning
SSH_KEY_PATH Path to ssh private key. Use with SSH_KEY_PASSPHRASE env, if there is passhrase on key
SSH_AUTH_SOCK SSH-Agent socket address
SSH_USER_PASSWORD Password for user to login on remote ssh server

TODO:

  • Dockerfile for build and runtime
  • Monitor goroutines (possible memory leaks)
  • Implement tun2socks?
  • Implement UDP over TCP
  • Workaround for Issue

About

Go implementation of `ssh -D <port> <user>@<address> “ssh -R <remote-address>:<remote-port>:<address>:<port> <remote-user>@<remote-host> -p <remote-port>”`

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages