An Internet Protocol Encryption Control/Component by WeOnlyDo! Inc.

It can work in both sides - it can accept local connections and forward them to the server, or can initiate connections towards local services when notification is received from SSH server for 'remote port forwarding' request - based on your previous request.

Basically, to understand what happens: instead of using direct connections to the server, through insecure internet, you would connect to your SSH server using encrypted connection, and SSH server would connect to services you require. Usually, most of those services will reside on same server as SSH server, or will be in protected network. Also, not only it will secure connections - but it will also allow you to create VPN to your services.

How does it work?
You setup any number of Channels - these are objects that will keep information about specific port forwarding request. For example, you can create Channel that will listen on local port 80, and forward all requests to SSH server on his port 80. After you Start that channel, you can try to connect using your web browser to http://localhost and you should see web contents as held on SSH server. Cute, isn't it?

After Channel is created and started, it will accept Users. Each channel stores collection of users connected to it. Once new User tries to connect to the channel, you will receive event where you can allow or deny user to use secure channel - once again, it's your decision. If you allow user to connect and use channel, everything is done by wodSSHTunnel, and you don't need to do anything else.

Where to use it?
Well, if you are looking for tunneling component, you already have an idea where to use it. But, if you don't have ideas, we'll give you a hint: encrypting your emails this way is a good way to start. You can setup channel to listen on port 110 (for POP3 protocol), and point it to the server on port 110. After that, you can just use your email client to connect to localhost on port 110, and complete email transfer will be encrypted. This is great tool when you are reading your email from public computers or internet cafes.

You can also encrypt SMTP protocol this way. Not only it's secured - but you can also bypass relay checking on your SMTP server. When you send email this way, through the tunnel, SMTP server sees mail as coming from localhost (on his side!) and it will allow relays. This is not security flaw - it's normal since you already authentication to that server using SSH protocol!

Programming considerations
wodSSHTunnel comes in two flavors: as COM object ( in VB you need to declare it with Dim WithEvents Tunnel1 as wodTunnel) where you can initialize and destroy the component on the fly (or use as many instances of it as you want), and as ActiveX control (usually you will just drag&drop icon to your form). When used as ActiveX control, you can set up basic properties (and even define channels!) using its property pages.

As usual, wodSSHTunnel is a royalty free component. You have right to distribute binaries (wodTunnel.dll, wodTunnel.ocx, wodKeys.dll) with your application free of charge. You only need to purchase separate license for each developer on your project. Under no circumstances you can sell, give away or change component's source code - it will still belong to WeOnlyDo! Inc.

wodSSHTunnel can be used in many environments, wherever it makes sense to run server-type application. Of course, if you try to use it in ASP it will probably not work.