golang 通過ssh代理連接mysql的操作
我就廢話不多說了,大家還是直接看代碼吧~
package mainimport ('bytes''context''database/sql''errors''fmt''github.com/go-sql-driver/mysql''golang.org/x/crypto/ssh''io''io/ioutil''net''os')type ViaSSHDialer struct {client *ssh.Client_ *context.Context} func (self *ViaSSHDialer) Dial(context context.Context,addr string) (net.Conn, error) {return self.client.Dial('tcp', addr)}type remoteScriptType bytetype remoteShellType byte const (cmdLine remoteScriptType = iotarawScriptscriptFile interactiveShell remoteShellType = iotanonInteractiveShell) type Client struct {client *ssh.Client}func main() {client, err := DialWithPasswd('ip:port', 'user', 'password')if err != nil {panic(err)}out, err := client.Cmd('ls -l').Output()if err != nil {panic(err)}fmt.Println(string(out))// Now we register the ViaSSHDialer with the ssh connection as a parametermysql.RegisterDialContext('mysql+tcp', (&ViaSSHDialer{client.client,nil}).Dial)//mysql.RegisterDial('mysql+tcp', (&ViaSSHDialer{client.client}).Dial)if db, err := sql.Open('mysql', fmt.Sprintf('%s:%s@mysql+tcp(%s)/%s','Aiqitest', 'uf6amk146d2aoemi7', '139.196.174.234:3306', 'Aiqitest'));err == nil {fmt.Printf('Successfully connected to the dbn')if rows, err := db.Query('SELECT id, name FROM table ORDER BY id'); err == nil {for rows.Next() {var id int64var name stringrows.Scan(&id, &name)fmt.Printf('ID: %d Name: %sn', id, name)}rows.Close()} else {fmt.Printf('Failure: %s', err.Error())} db.Close()}} // DialWithPasswd starts a client connection to the given SSH server with passwd authmethod.func DialWithPasswd(addr, user, passwd string) (*Client, error) {config := &ssh.ClientConfig{User: user,Auth: []ssh.AuthMethod{ssh.Password(passwd),},HostKeyCallback: ssh.HostKeyCallback(func(hostname string, remote net.Addr, key ssh.PublicKey) error { return nil }),} return Dial('tcp', addr, config)} // DialWithKey starts a client connection to the given SSH server with key authmethod.func DialWithKey(addr, user, keyfile string) (*Client, error) {key, err := ioutil.ReadFile(keyfile)if err != nil {return nil, err} signer, err := ssh.ParsePrivateKey(key)if err != nil {return nil, err} config := &ssh.ClientConfig{User: user,Auth: []ssh.AuthMethod{ssh.PublicKeys(signer),},HostKeyCallback: ssh.HostKeyCallback(func(hostname string, remote net.Addr, key ssh.PublicKey) error { return nil }),} return Dial('tcp', addr, config)} // DialWithKeyWithPassphrase same as DialWithKey but with a passphrase to decrypt the private keyfunc DialWithKeyWithPassphrase(addr, user, keyfile string, passphrase string) (*Client, error) {key, err := ioutil.ReadFile(keyfile)if err != nil {return nil, err} signer, err := ssh.ParsePrivateKeyWithPassphrase(key, []byte(passphrase))if err != nil {return nil, err} config := &ssh.ClientConfig{User: user,Auth: []ssh.AuthMethod{ssh.PublicKeys(signer),},HostKeyCallback: ssh.HostKeyCallback(func(hostname string, remote net.Addr, key ssh.PublicKey) error { return nil }),} return Dial('tcp', addr, config)} // Dial starts a client connection to the given SSH server.// This is wrap the ssh.Dialfunc Dial(network, addr string, config *ssh.ClientConfig) (*Client, error) {client, err := ssh.Dial(network, addr, config)if err != nil {return nil, err}return &Client{client: client,}, nil} func (c *Client) Close() error {return c.client.Close()} // Cmd create a command on clientfunc (c *Client) Cmd(cmd string) *remoteScript {return &remoteScript{_type: cmdLine,client: c.client,script: bytes.NewBufferString(cmd + 'n'),}} // Scriptfunc (c *Client) Script(script string) *remoteScript {return &remoteScript{_type: rawScript,client: c.client,script: bytes.NewBufferString(script + 'n'),}} // ScriptFilefunc (c *Client) ScriptFile(fname string) *remoteScript {return &remoteScript{_type: scriptFile,client: c.client,scriptFile: fname,}} type remoteScript struct {client *ssh.Client_type remoteScriptTypescript *bytes.BufferscriptFile stringerr error stdout io.Writerstderr io.Writer} // Runfunc (rs *remoteScript) Run() error {if rs.err != nil {fmt.Println(rs.err)return rs.err} if rs._type == cmdLine {return rs.runCmds()} else if rs._type == rawScript {return rs.runScript()} else if rs._type == scriptFile {return rs.runScriptFile()} else {return errors.New('Not supported remoteScript type')}} func (rs *remoteScript) Output() ([]byte, error) {if rs.stdout != nil {return nil, errors.New('Stdout already set')}var out bytes.Bufferrs.stdout = &outerr := rs.Run()return out.Bytes(), err} func (rs *remoteScript) SmartOutput() ([]byte, error) {if rs.stdout != nil {return nil, errors.New('Stdout already set')}if rs.stderr != nil {return nil, errors.New('Stderr already set')} var (stdout bytes.Bufferstderr bytes.Buffer)rs.stdout = &stdoutrs.stderr = &stderrerr := rs.Run()if err != nil {return stderr.Bytes(), err}return stdout.Bytes(), err} func (rs *remoteScript) Cmd(cmd string) *remoteScript {_, err := rs.script.WriteString(cmd + 'n')if err != nil {rs.err = err}return rs} func (rs *remoteScript) SetStdio(stdout, stderr io.Writer) *remoteScript {rs.stdout = stdoutrs.stderr = stderrreturn rs} func (rs *remoteScript) runCmd(cmd string) error {session, err := rs.client.NewSession()if err != nil {return err}defer session.Close() session.Stdout = rs.stdoutsession.Stderr = rs.stderr if err := session.Run(cmd); err != nil {return err}return nil} func (rs *remoteScript) runCmds() error {for {statment, err := rs.script.ReadString(’n’)if err == io.EOF {break}if err != nil {return err} if err := rs.runCmd(statment); err != nil {return err}} return nil} func (rs *remoteScript) runScript() error {session, err := rs.client.NewSession()if err != nil {return err} session.Stdin = rs.scriptsession.Stdout = rs.stdoutsession.Stderr = rs.stderr if err := session.Shell(); err != nil {return err}if err := session.Wait(); err != nil {return err} return nil} func (rs *remoteScript) runScriptFile() error {var buffer bytes.Bufferfile, err := os.Open(rs.scriptFile)if err != nil {return err}_, err = io.Copy(&buffer, file)if err != nil {return err} rs.script = &bufferreturn rs.runScript()} type remoteShell struct {client *ssh.ClientrequestPty boolterminalConfig *TerminalConfig stdin io.Readerstdout io.Writerstderr io.Writer} type TerminalConfig struct {Term stringHight intWeight intModes ssh.TerminalModes} // Terminal create a interactive shell on client.func (c *Client) Terminal(config *TerminalConfig) *remoteShell {return &remoteShell{client: c.client,terminalConfig: config,requestPty: true,}} // Shell create a noninteractive shell on client.func (c *Client) Shell() *remoteShell {return &remoteShell{client: c.client,requestPty: false,}} func (rs *remoteShell) SetStdio(stdin io.Reader, stdout, stderr io.Writer) *remoteShell {rs.stdin = stdinrs.stdout = stdoutrs.stderr = stderrreturn rs} // Start start a remote shell on clientfunc (rs *remoteShell) Start() error {session, err := rs.client.NewSession()if err != nil {return err}defer session.Close() if rs.stdin == nil {session.Stdin = os.Stdin} else {session.Stdin = rs.stdin}if rs.stdout == nil {session.Stdout = os.Stdout} else {session.Stdout = rs.stdout}if rs.stderr == nil {session.Stderr = os.Stderr} else {session.Stderr = rs.stderr} if rs.requestPty {tc := rs.terminalConfigif tc == nil {tc = &TerminalConfig{Term: 'xterm',Hight: 40,Weight: 80,}}if err := session.RequestPty(tc.Term, tc.Hight, tc.Weight, tc.Modes); err != nil {return err}} if err := session.Shell(); err != nil {return err} if err := session.Wait(); err != nil {return err} return nil}
補充:用golang寫socks5代理服務器2-ssh遠程代理
上次用golang來實現本地socks5代理,然而使用代理當然是為了和諧上網,所以這次來介紹用ssh來實現遠程代理,用到官方ssh包
golang.org/x/crypto/ssh
用golang連接ssh并不難
讀取密鑰,設置配置,連接服務器就ok了(不建議用用戶名+密碼方式連接ssh)
b, err := ioutil.ReadFile('/home/myml/.ssh/id_rsa') if err != nil { log.Println(err) return } pKey, err := ssh.ParsePrivateKey(b) if err != nil { log.Println(err) return } config := ssh.ClientConfig{ User: 'userName', Auth: []ssh.AuthMethod{ ssh.PublicKeys(pKey), }, } client, err = ssh.Dial('tcp', 'Host:22', &config) if err != nil { log.Println(err) return } log.Println('連接服務器成功') defer client.Close()
這樣你就得到了一個client,它有個Dial()函數用來創建socket連接,這個是在服務器上創建的,也就可以突破網絡限制了,加上上次的sock5代理,把net.Dial改為client.Dial,就能讓服務器來代理訪問了
server, err := client.Dial('tcp', addr) if err != nil { log.Println(err) return } conn.Write([]byte{0x05, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}) go io.Copy(server, conn) io.Copy(conn, server)
下面是能成功運行并進行遠程代理的代碼(在Chrome和proxychains測試),ssh服務器和配置信息要修改為自己的
// socks5ProxyProxy project main.gopackage main import ( 'bytes' 'encoding/binary' 'fmt' 'io' 'io/ioutil' 'log' 'net' 'golang.org/x/crypto/ssh') func socks5Proxy(conn net.Conn) { defer conn.Close() var b [1024]byte n, err := conn.Read(b[:]) if err != nil { log.Println(err) return } log.Printf('% x', b[:n]) conn.Write([]byte{0x05, 0x00}) n, err = conn.Read(b[:]) if err != nil { log.Println(err) return } log.Printf('% x', b[:n]) var addr string switch b[3] { case 0x01: sip := sockIP{} if err := binary.Read(bytes.NewReader(b[4:n]), binary.BigEndian, &sip); err != nil { log.Println('請求解析錯誤') return } addr = sip.toAddr() case 0x03: host := string(b[5 : n-2]) var port uint16 err = binary.Read(bytes.NewReader(b[n-2:n]), binary.BigEndian, &port) if err != nil { log.Println(err) return } addr = fmt.Sprintf('%s:%d', host, port) } server, err := client.Dial('tcp', addr) if err != nil { log.Println(err) return } conn.Write([]byte{0x05, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}) go io.Copy(server, conn) io.Copy(conn, server)} type sockIP struct { A, B, C, D byte PORT uint16} func (ip sockIP) toAddr() string { return fmt.Sprintf('%d.%d.%d.%d:%d', ip.A, ip.B, ip.C, ip.D, ip.PORT)} func socks5ProxyStart() { log.SetFlags(log.Ltime | log.Lshortfile) server, err := net.Listen('tcp', ':8080') if err != nil { log.Panic(err) } defer server.Close() log.Println('開始接受連接') for { client, err := server.Accept() if err != nil { log.Println(err) return } log.Println('一個新連接') go socks5Proxy(client) }} var client *ssh.Client func main() { b, err := ioutil.ReadFile('/home/myml/.ssh/id_rsa') if err != nil { log.Println(err) return } pKey, err := ssh.ParsePrivateKey(b) if err != nil { log.Println(err) return } config := ssh.ClientConfig{ User: 'user', Auth: []ssh.AuthMethod{ ssh.PublicKeys(pKey), }, } client, err = ssh.Dial('tcp', 'host:22', &config) if err != nil { log.Println(err) return } log.Println('連接服務器成功') defer client.Close() client.Dial() socks5ProxyStart() return}
以上為個人經驗,希望能給大家一個參考,也希望大家多多支持好吧啦網。如有錯誤或未考慮完全的地方,望不吝賜教。
相關文章:
網公網安備