diff --git a/src/backend/database/database.ts b/src/backend/database/database.ts
index f93126e6..edc7564f 100644
--- a/src/backend/database/database.ts
+++ b/src/backend/database/database.ts
@@ -27,6 +27,9 @@ import Database from "better-sqlite3";
const app = express();
+// Configure trust proxy to properly detect real client IP behind reverse proxy (nginx)
+app.set('trust proxy', true);
+
// Initialize auth middleware
const authManager = AuthManager.getInstance();
const authenticateJWT = authManager.createAuthMiddleware();
diff --git a/src/backend/database/routes/ssh.ts b/src/backend/database/routes/ssh.ts
index 81f7160f..0bf474c4 100644
--- a/src/backend/database/routes/ssh.ts
+++ b/src/backend/database/routes/ssh.ts
@@ -40,10 +40,6 @@ const authManager = AuthManager.getInstance();
const authenticateJWT = authManager.createAuthMiddleware();
const requireDataAccess = authManager.createDataAccessMiddleware();
-function isLocalhost(req: Request) {
- const ip = req.ip || req.connection?.remoteAddress;
- return ip === "127.0.0.1" || ip === "::1" || ip === "::ffff:127.0.0.1";
-}
// Internal-only endpoint for autostart - requires internal auth token
router.get("/db/host/internal", async (req: Request, res: Response) => {
diff --git a/src/locales/en/translation.json b/src/locales/en/translation.json
index 0996dbbf..451a076e 100644
--- a/src/locales/en/translation.json
+++ b/src/locales/en/translation.json
@@ -570,6 +570,8 @@
"sshpassRequired": "Sshpass Required For Password Authentication",
"sshpassRequiredDesc": "For password authentication in tunnels, sshpass must be installed on the system.",
"otherInstallMethods": "Other installation methods:",
+ "debianUbuntuEquivalent": "(Debian/Ubuntu) or the equivalent for your OS.",
+ "or": "or",
"centosRhelFedora": "CentOS/RHEL/Fedora",
"macos": "macOS",
"windows": "Windows",
diff --git a/src/locales/zh/translation.json b/src/locales/zh/translation.json
index 12b44aa0..cb303056 100644
--- a/src/locales/zh/translation.json
+++ b/src/locales/zh/translation.json
@@ -592,11 +592,21 @@
"maxRetriesDescription": "隧道连接的最大重试次数。",
"retryIntervalDescription": "重试尝试之间的等待时间。",
"otherInstallMethods": "其他安装方法:",
+ "debianUbuntuEquivalent": "(Debian/Ubuntu) 或您的操作系统的等效命令。",
+ "or": "或",
+ "centosRhelFedora": "CentOS/RHEL/Fedora",
+ "macos": "macOS",
+ "windows": "Windows",
"sshpassOSInstructions": {
"centos": "CentOS/RHEL/Fedora: sudo yum install sshpass 或 sudo dnf install sshpass",
"macos": "macOS: brew install hudochenkov/sshpass/sshpass",
"windows": "Windows: 使用 WSL 或考虑使用 SSH 密钥认证"
},
+ "sshServerConfigRequired": "SSH 服务器配置要求",
+ "sshServerConfigDesc": "对于隧道连接,SSH 服务器必须配置允许端口转发:",
+ "gatewayPortsYes": "绑定远程端口到所有接口",
+ "allowTcpForwardingYes": "启用端口转发",
+ "permitRootLoginYes": "如果使用 root 用户进行隧道连接",
"sshServerConfigReverse": "对于反向 SSH 隧道,端点 SSH 服务器必须允许:",
"gatewayPorts": "GatewayPorts yes(绑定远程端口)",
"allowTcpForwarding": "AllowTcpForwarding yes(端口转发)",
diff --git a/src/ui/Desktop/Admin/AdminSettings.tsx b/src/ui/Desktop/Admin/AdminSettings.tsx
index c7b05a7e..7978d459 100644
--- a/src/ui/Desktop/Admin/AdminSettings.tsx
+++ b/src/ui/Desktop/Admin/AdminSettings.tsx
@@ -873,7 +873,7 @@ export function AdminSettings({
{t("admin.export")}
- Export SSH hosts and credentials as SQLite file
+ {t("admin.exportDescription")}
{showPasswordInput && (
@@ -925,7 +925,7 @@ export function AdminSettings({
{t("admin.import")}
- Import SQLite file with incremental merge (skips duplicates)
+ {t("admin.importDescription")}
sudo apt install sshpass
{" "}
- (Debian/Ubuntu) or the equivalent for your OS.
+ {t("hosts.debianUbuntuEquivalent")}
{t("hosts.otherInstallMethods")}
@@ -1158,7 +1158,7 @@ export function HostManagerEditor({
sudo yum install sshpass
{" "}
- or{" "}
+ {t("hosts.or")}{" "}
sudo dnf install sshpass