running Pyro through a SSH tunnel

Contents

  1. example: accessing the name server
  2. example: accessing your own objects (not using a name server)
  3. example: accessing your own objects (using a name server)

Pyro 3.x supports a simple form of running encrypted over SSL connections. If you somehow cannot use that, running over SSH tunnels (also called Port forwarding) may be an alternative solution.

Pyro 4.x

The example below is for Pyro 3.x, but with a few changes it should also apply to Pyro 4.x.

example: accessing the name server

On computer1, fire up the name server. Make note of the address it binds on (usually localhost:9090).

On computer2, create a ssh tunnel to access the name server on computer1: ssh -L 9090:localhost:9090 username@computer1

Now you can use port 9090 locally on computer2 to access the nameserver that is running on computer1, through the ssh tunnel. For instance, on computer 1: python -m Pyro.nsc -h localhost -p 9090 list will list the namespace.

example: accessing your own objects (not using a name server)

On computer1 (the server) write your Pyro server program, and let the daemon bind on a specific port. We will tunnel to that port later. For instance: 

   1 import Pyro.core
   2 
   3 class MyServer(Pyro.core.ObjBase):
   4     def multiply(self, x, y):
   5         return x*y
   6 
   7 daemon = Pyro.core.Daemon(port=4444)   # specific port
   8 print 'The Pyro Deamon is running on',daemon.sock.getsockname()
   9 uri=daemon.connect(MyServer(),'myserver')
  10 daemon.requestLoop()

Now on computer2 (the client) write the client program, and let it connect to the port you chose earlier. But, because we will make an ssh tunnel, the client needs to connect to the port locally, rather than on computer1 (the server). So here we go: 

   1 import Pyro.core
   2 proxy=Pyro.core.DynamicProxy("PYROLOC://localhost:4444/myserver")
   3 print "doing some math..."
   4 print "4*5=",proxy.multiply(4,5)

Now make a tunnel: ssh -L 4444:localhost:4444 username@computer1 And you can now execute the client program and see that it connects through the ssh tunnel to your daemon on the other computer.

example: accessing your own objects (using a name server)

On computer1 (the server) start up the name server. Make note of the address it binds on (usually localhost:9090). Also write your Pyro server program. Let the daemon bind on a specific port; we will tunnel to that port later. You also need to make sure the daemon uses 'localhost' in the URIs it is publishing! For instance: 

   1 import Pyro.core
   2 import Pyro.naming
   3 
   4 class MyServer(Pyro.core.ObjBase):
   5     def multiply(self, x, y):
   6         return x*y
   7 
   8 # make sure to publish uris with localhost
   9 daemon = Pyro.core.Daemon(port=4444,publishhost="localhost")
  10 nameserver = Pyro.naming.NameServerLocator().getNS()
  11 print 'The Pyro Deamon is running on',daemon.sock.getsockname()
  12 daemon.useNameServer(nameserver)
  13 uri=daemon.connect(MyServer(),'sshtunnelserver')
  14 print "URI:",uri
  15 daemon.requestLoop()

Now on computer2 (the client) write the client program. Make sure it uses 'localhost' and the correct port to connect to the name server: 

   1 import Pyro.core
   2 
   3 Pyro.config.PYRO_NS_HOSTNAME="localhost"
   4 Pyro.config.PYRO_NS_PORT=9090
   5 proxy=Pyro.core.DynamicProxy("PYRONAME://sshtunnelserver")
   6 
   7 print "doing some math..."
   8 print "4*5=",proxy.multiply(4,5)

Make a ssh tunnel for both ports (nameserver and your own daemon): ssh -L 4444:localhost:4444 -L 9090:localhost:9090 username@computer1 And you can now run the client program on computer2.