Title of invention SYSTEM AND METHOD FOR SECURE NETWORK COMMUNICATIONS
Abstract A system and method for establishing secure communication between a first device and a second device, wherein the first device is behind a firewall. A Secure Shell (SSH) connection is established between the first device and the second device, wherein establishing a connection includes establishing a secured communications tunnel from the first device to the second device via an SSH protocol. The first device is registered with the second device, wherein registering includes sending an SSH protocol REGISTER DEVICE message from the first device to the second device. The REGISTER DEVICE message is acknowledged by the second device, wherein acknowledging includes receiving the REGISTER DEVICE message, determining the client applications to register, determining a separate socket port number to be used as a remote port on the second device for each of the registered client applications from the list of one or more client applications running on the first device, and transmitting a REGISTER DEVICE ACK message including the remote port number for each registered client application from the second device to the first device. A reverse port forwarding request is made based on the local port number and the remote port number received in the REGISTER DEVICE ACK message.
Publication number US2015295890(A1) Publication date 2015.10.15
Application number US201414253437 Filing date 2014.04.15
Applicant Calix, Inc. Inventors QIN Zhijian;Nukala Srinivas;Zhou Weimin
Classification H04L29/06 Main classification H04L29/06
Agency Agent
Main claim 1. A method of establishing secure communication between a first device and a second device, wherein the first device is behind a firewall, comprising: establishing a Secure Shell (SSH) connection between the first device and the second device, wherein establishing a connection includes establishing a secured communications tunnel from the first device to the second device via an SSH protocol; registering the first device with the second device, wherein registering includes sending an SSH protocol REGISTER DEVICE message from the first device to the second device, wherein the REGISTER DEVICE message includes an identifier and a list of one or more client applications running on the first device, wherein the list includes a socket port number assigned to each client application, wherein the socket port number serves as a local port for the client application to which the socket port number is assigned; acknowledging the REGISTER DEVICE message at the second device, wherein acknowledging includes receiving the REGISTER DEVICE message, determining the client applications to register, determining a separate socket port number to be used as a remote port on the second device for each of the registered client applications from the list of one or more client applications running on the first device, and transmitting a REGISTER DEVICE ACK message including the remote port number for each registered client application from the second device to the first device; transmitting a reverse port forwarding request from the first device to the second device, wherein the list of applications includes a first application and wherein the reverse port forwarding request includes the socket port number assigned as local port to the first application and the socket port number determined as remote port for the first application; and receiving, from the second device, a reverse port forwarding request acknowledgment associated with the first application.
Address Petaluma CA US