Real Software Forums

The forum for Real Studio and other Real Software products.
[ REAL Software Website | Board Index ]
It is currently Tue Apr 23, 2019 5:30 am
xojo

All times are UTC - 5 hours




Post new topic Reply to topic  [ 13 posts ] 
Author Message
 Post subject: closing an ssh tunnel
PostPosted: Wed Apr 29, 2009 5:40 pm 
Offline

Joined: Wed Jan 07, 2009 7:19 pm
Posts: 8
I am connecting to a remote database and want to make sure the traffic is private and secure. Before connecting to the database, I open up an SSH tunnel with, for example,

plink -i keyname.ppk -N -L 3334:192.168.77.88:3333 me@192.168.77.88 (see below for switch details)

Then all local database interaction goes through 127.0.0.1:3334 and reaches 192.168.77.88:3333 without any need to alter the server configuration (which would be necessary if I wanted to use the SSLSocket class). This works fine if I use the RealBasic Shell class to invoke the above.

What doesn't work is ending the session. After I click on the red X in the upper right (which used to exit the application), the tunnel is still open. I've run through the debugger and Shell.close gets called and returns without closing the tunnel.

I just downloaded WFS and there's probably something in there I can use, but I need to support Mac as well. That said, I haven't tested on Mac yet to see if it has the same problem. What is the simplest way for me to close the SSH session?

Command details
"-i keyname.ppk" tells plink which private key to use for SSH authentication. This avoids asking the user for a password.
"-N" tells the server not to run any remote commands. This is used to restrict the session to tunneling only.
"-L a:b:c" specifies the port forwarding parameters. a is the local port, b is the remote IP and c is the remote port.
"user@ip" tells the server who is trying to open the tunnel.


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Wed Apr 29, 2009 6:40 pm 
Offline
Real Software Engineer

Joined: Sat Dec 24, 2005 8:18 pm
Posts: 7858
Location: Canada, Alberta, Near Red Deer
Dunno about plink

But on OS X ssh should do
http://www.ssh.com/support/documentatio ... rding.html

the secure session should terminate when you quit the shell

_________________
Norman Palardy (Real Software)


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Thu Apr 30, 2009 10:36 am 
Offline

Joined: Wed Jan 07, 2009 7:19 pm
Posts: 8
well, if there were a way to send Ctl-C (or its equivalent) to the shell, that might do the trick. i haven't found a good way to do that yet.

when i first start up the shell, i instantly run "cmd.exe." since i only need to run one command (open tunnel, then sit idly by), maybe i shouldn't do this? maybe i just run "plink -i ... " instead of "cmd.exe"?


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Thu Apr 30, 2009 10:45 am 
Offline
User avatar

Joined: Sun Aug 05, 2007 10:46 am
Posts: 4931
Location: San Diego, CA
Remember.... commands submitted via SHELL run in a different environment [ie. subprocess area], so one the shell returns to RB, that environment could still very well be active, and there is no way to reconnect to it [well no real easy way]


see this post http://forums.realsoftware.com/viewtopic.php?f=1&t=27784&hilit=shell

_________________
Dave Sisemore
iMac I7[2012], OSX Mountain Lion 10.8.3 RB2012r2.1
Note : I am not interested in any solutions that involve custom Plug-ins of any kind


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Thu Apr 30, 2009 6:10 pm 
Offline

Joined: Wed Jan 07, 2009 7:19 pm
Posts: 8
ok, so i shouldn't do shell.execute("plink ..."). there's lots of talk about how the shell class gives you a system shell to work with. how does one send Ctl-C, or more generally, anything non-text, to the shell? all i see is shell.write and shell.writeline, both of which only accept strings. is there a way to encode special keys (arrows, alt, etc.) that isn't documented?


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Thu Apr 30, 2009 10:43 pm 
Offline

Joined: Wed Jan 07, 2009 7:19 pm
Posts: 8
alright, hopefully someone else will find this useful in the future. the brute force way to kill the session is to open a separate shell and issue the command

taskkill /f /fi "imagename eq plink.exe"

this is a windows only-solution, but it requires no extra components (eg wfs). it also has the side effect of closing all plink sessions whether they were started from your application or not. because of this, i would still be very interested in how to send non-string commands to a shell. it would be much nicer to simply issue Ctl-C to cmd.exe and let it close the session gracefully. and if it's not possible, i'd call anyone who says rb offers a full system shell a liar and have a feature request to put in with real software.

luckily the only windows boxes i have to support are xp pro, which are guaranteed to have taskkill on them. apparently, xp home doesn't, but you can use "tskill" instead, though it isn't quite as powerful as the above, so you may have to write a full-on script to iterate over the results of "tasklist" to make "tskill" work. no idea what happens with vista or windows 7.


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Fri May 01, 2009 12:21 am 
Offline

Joined: Fri Jan 06, 2006 3:21 pm
Posts: 12388
Location: Portland, OR USA
Cmd.exe <> system shell. Cmd.exe is a terminal program that interacts with a system shell. One of the functions it provides is that when you type Ctrl-C, it sends a signal to the shell to quit. You have to do the same - send a signal to the shell. One way is to use a program like taskkill. Another way would be to use API calls.

Tim


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Fri May 01, 2009 12:44 pm 
Offline

Joined: Wed Jan 07, 2009 7:19 pm
Posts: 8
but the best way is for the rb shell class to allow sending Ctl-C to cmd.exe and let cmd.exe do the rest. is this possible?


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Fri May 01, 2009 12:53 pm 
Offline

Joined: Fri Jan 06, 2006 3:21 pm
Posts: 12388
Location: Portland, OR USA
I don't see anywhere in your post where cmd.exe is involved. You're calling shell.execute on plink. Are you saying that you are using an interactive shell running cmd.exe and passing it the plink command?

Tim


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Fri May 01, 2009 12:55 pm 
Offline
User avatar

Joined: Tue Mar 17, 2009 8:53 am
Posts: 751
human wrote:
but the best way is for the rb shell class to allow sending Ctl-C to cmd.exe and let cmd.exe do the rest. is this possible?

Like Tim said, cmd.exe is not the system shell, therefore, no it is not possible.

_________________
No thanks, I don't want to buy any plugins.


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Fri May 01, 2009 1:32 pm 
Offline

Joined: Wed Jan 07, 2009 7:19 pm
Posts: 8
timhare wrote:
You're calling shell.execute on plink.

Tim

no, i'm not. i asked explicitly earlier in the thread whether i should do this or not and came to my own conclusion i shouldn't, though now that i'm resorting to taskkill, it would probably work.

timhare wrote:
Are you saying that you are using an interactive shell running cmd.exe and passing it the plink command?

Tim

yes, that's what i'm saying.

Bessie wrote:
Like Tim said, cmd.exe is not the system shell, therefore, no it is not possible.


if you can send things via writeline and get things back via readall, it doesn't matter whether cmd is the system shell or not. the rb shell object can communicate with cmd, so why can't it embed non-string things into that communication? obviously, the method doesn't exist in the class, but if there's no technical reason why it couldn't, my request would be for a new method that can.


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Fri May 01, 2009 3:14 pm 
Offline
User avatar

Joined: Tue Mar 17, 2009 8:53 am
Posts: 751
human wrote:
why can't it embed non-string things into that communication?

Well, you can already embed control characters into the string. Just write Chr(3) for an ASCII ^C character with any existing write method. It's just that the shell doesn't treat that character specially, so nothing happens. But a kill signal is a different kind of animal altogether; it's not characters in a stream.

_________________
No thanks, I don't want to buy any plugins.


Top
 Profile  
Reply with quote  
 Post subject: Re: closing an ssh tunnel
PostPosted: Fri May 01, 2009 3:49 pm 
Offline

Joined: Wed Jan 07, 2009 7:19 pm
Posts: 8
the whole point is for the shell not to treat it specially. the point is to let the shell send it to cmd.exe (or bash or whatever) and let cmd.exe do with it what it pleases. based on my (obviously flawed) understanding, what you described, bessie, should work. cmd.exe should see Chr(3), realize it's the same as Ctl-c and send the kill signal to plink.

but it doesn't. why? somehow, cmd.exe will end the ssh session if it sees ctl-c and cmd.exe was started from windows. where is that magic happening?

is windows generating the kill signal and sending it to cmd.exe, who realizes that it isn't for itself and sends it to the ssh session? this seems unlikely since ctl-c usually means "copy" in windows.

does windows just send the key events to cmd.exe, where the kill signal is generated? if so, should the rb shell class be capable of the same thing?

is it some other mechanism altogether?


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 13 posts ] 

All times are UTC - 5 hours


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group