=?gb18030?b?u9i4tKO6SXMgc3NoIGFwcHJvcHJpYXRlIGZvciB0?==?gb18030?b?aGlzIHVzZSBjYXNlPw==?=

["=?gb18030?b?wfXUqtXc?=" <945695107@xxxxxx>]

Hello, Chris


I'm also learning libssh this few days, and found your problem when I wake up at afternoon :-).
First of all, I think libssh tcp/ip forwarding can solve your problem, u need read https://blog.trackets.com/2014/05/17/ssh-tunnel-local-and-remote-port-forwarding-explained-with-examples.html(local port forwarding part) to understand what  does local port forwarding do and why it's an appropriate solution.
Then u can read this https://api.libssh.org/stable/libssh_tutor_forwarding.html
It shows the whole architecture about tcp/ip forward on client side. It holds one session between client(java) and server(c++),
no matter how many simulation processes u have, it doesn't care. I'm not familiar with java, but libssh is used in C, maybe
u need a JNI? Anyway once u can run this function, the server side(sshd_tcpip_forward.c), should be able to receive the request.
Here to make things clear, libssh is not something u can use automatic, it's NOT openssh, a prebuilt binary with many options u can choose,
u need to program some codes:
the client side in tutor only show how to open a request to server, I think u need to make java part connect to some localhost port, see 4321,
then in client code, u program a event_loop, check here:https://api.libssh.org/stable/group__libssh__poll.html, ssh_add_event_fd,
use socket to listen at 4321, once something arrive, forward it to server. Obviously u need to define what the date struct, as u may have many
simulation processes, and how long it is.(read ssh_channel_open_forward CAREFULLY!!, u must understand what the parameter should be).
Now it's ready to send it, once server receive it, it also need to re-direct to ur cpp listen port, here u also need program with socket, like client side,
use ssh_event callback.


Hope my thought can inspire you,
And sorry for the bad typesetting
Yuanzhe


------------------ 原始邮件 ------------------
发件人:&nbsp;"Christopher Morley"<chris@xxxxxxxxxxxxxxx&gt;;
发送时间:&nbsp;2020年4月10日(星期五) 上午8:07
收件人:&nbsp;"libssh"<libssh@xxxxxxxxxx&gt;;

主题:&nbsp;Is ssh appropriate for this use case?



Hi all -
I hope this is an appropriate question for this forum.


I have an application that consists of a user interface component (written in java) and a simulation engine (written in c++). These run in separate processes, potentially on different machines. The java process can start one or more simulation processes, disconnect, and re-connect to them. The simulation process can accept multiple user interface connections. Currently the processes communicate via tcp sockets, with the c++ process implementing a fairly standard non-blocking select-based event loop for processing requests from the connected java process(es).


I would like to add user authentication (for connection requests to the c++ simulation component) and encryption of the socket communications. I have been working on a small prototype based on the sshd_direct-tcpip.c example from libssh and the jsch example app UserAuthPubKey.java using public key (RSA) authentication.



OK, my specific questions:

1. Is ssh in general and libssh (and jsch?) appropriate choices to solve this problem?
2. Is the direct-tcpip channel the right one to use? Is there a more appropriate example that I can use, such as an "echo" server?
3. If there is not such an example, would offering $ persuade anyone to produce such an example (eg a non-blocking echo server using libssh) ?


Thanks in advance for any assistance or opinions you can offer-

Chris