1. Field of the Invention
The present invention relates to a technology of a computer system for port forwarding.
2. Description of the Related Art
All patents, patent applications, patent publications, scientific articles, and the like, which will hereinafter be cited or identified in the present application, are incorporated by reference in their entirety in order to describe more fully the state of the art to which the present invention pertains.
Server systems each including multiple cells each functioning as a computer including a calculator and a storing unit have been implemented as a computer system used for a core system. A cell is, for example, a baseboard including a calculator corresponding to a motherboard of a personal computer. Firmware (hereinafter, “BMCFW”) for controlling hardware that is a cell operates on the cell. A web console is used to manage the cell and the BMCFW. In other words, a user or an administrator accesses each cell from a computer of the user or the administrator through a network, and performs remote operation on the web console (for example, an operation screen).
Hereinafter, an example of access to a server system is explained with reference to FIG. 10. A user terminal 120 is a computer (personal computer) operated by a user. The user terminal 120 includes a web browser 121 and an SSH (secure shell) client 122. The web browser 121 is software for browsing websites on the Internet and preliminarily installed in the user terminal 120 in general. The SSH client 122 is software for remotely operating a remote host and used in lieu of the conventional TELNET (telecommunication network). Since the SSH client 122 is not usually installed in the user terminal 120, a user has to select an SSH client product to be installed in the user terminal 120.
A server system 110 shown in FIG. 10 is one server system. The server system 110 includes eight cells, i.e., cell 00 to cell 07. One or more of the cells 00 to 07 are combined to operate an OS (operating system).
One method for the user terminal 120 to perform secure access between the web browser 121 and the cells is SSL (secure sockets layer) connection. The SSL connection is a system for performing web server authentication and encoding of a communication path using HTTPS (hypertext transfer protocol over secure sockets layer). Data called an SSL certificate is required in the BMCFW to implement the SSL connection. For this reason, in the case of FIG. 10, SSL certificates are preliminarily purchased from a certificate authority and installed in the BMCFWs of the cells 00 to 07, respectively, before operations of the system commence. As a result, the SSL certificates are referred to upon the SSL connection from the web browser 121 to verify the validity of the server system. The SSL certificates included in the cells are different from one another. The network 109 is a LAN (local area network), and communication among the cells is performed through the network 109.
As a method of implementing secure access between the user terminal 120 and the cells 00 to 07 in addition to the SSL connection, there is a method called HTTP over SSH utilizing SSH port forwarding. The HTTP over SSH is a method in which the HTTP protocol is transmitted on an SSH communication path, and called port transmission or port forwarding. Specifically, in the method utilizing the SSH, an SSH port forwarding connection to the BMCFW of each cell is established, then connection to the BMCFW through a local port is performed on a web browser (called HTTP over SSH), and thereby a web console is securely utilized. A reference example of the port forwarding is disclosed in Japanese Unexamined Patent Application, Fast Publication, No. 2006-287692.
However, the access method has the following problems. When the SSL connection is performed on the web console, the server system provider has to purchase the SSL certificate for each cell from the certificate authority, causing higher costs for purchasing and maintaining the SSL certificates and time-consuming settings for a high-end server including a larger number of cells.
In addition, SSH-client software has to be installed in a user computer to perform the web console access using the SSH port forwarding, which is time-consuming. Further, a user has to manage a public key of each cell in the SSH server, which is time-consuming maintenance.