Documentation ¶
Index ¶
Constants ¶
View Source
const ( // CriticalOptionForceCommand defines a command that is executed (replacing any the user specified on the ssh command-line) whenever this key is used for authentication. CriticalOptionForceCommand configCriticalOption = "force-command" // CriticalOptionSourceAddress defines a comma-separated list of source addresses from which this certificate is accepted for authentication. Addresses are specified in CIDR format (nn.nn.nn.nn/nn or hhhh::hhhh/nn). If this option is not present then certificates may be presented from any source address. CriticalOptionSourceAddress configCriticalOption = "source-address" // ExtensionPermitX11Forwarding is a flag indicating that X11 forwarding should be permitted. X11 forwarding will be refused if this option is absent. ExtensionPermitX11Forwarding configExtension = "permit-X11-forwarding" // ExtensionPermitAgentForwarding is a flag indicating that agent forwarding should be allowed. Agent forwarding must not be permitted unless this option is present. ExtensionPermitAgentForwarding configExtension = "permit-agent-forwarding" // ExtensionPermitPortForwarding is a flag indicating that port-forwarding should be allowed. If this option is not present then no port forwarding will be allowed. ExtensionPermitPortForwarding configExtension = "permit-port-forwarding" // ExtensionPermitPTY is a flag indicating that PTY allocation should be permitted. In the absence of this option PTY allocation will be disabled. ExtensionPermitPTY configExtension = "permit-pty" // ExtensionPermitUserRC is a flag indicating that execution of ~/.ssh/rc should be permitted. Execution of this script will not be permitted if this option is not present. ExtensionPermitUserRC configExtension = "permit-user-rc" // ExtensionNoDefaults disables the default set of extensions ssoca would normally add. ExtensionNoDefaults configExtension = "ssoca-no-defaults" )
Variables ¶
View Source
var ExtensionDefaults = Extensions{ ExtensionPermitX11Forwarding, ExtensionPermitAgentForwarding, ExtensionPermitPortForwarding, ExtensionPermitPTY, ExtensionPermitUserRC, }
ExtensionDefaults is the set of extensions which will be enabled if ExtensionNoDefaults is not configured.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct { CertAuth certauth.ConfigValue `yaml:"certauth,omitempty"` Validity time.Duration `yaml:"validity,omitempty"` Principals dynamicvalue.MultiConfigValue `yaml:"principals,omitempty"` Target Target `yaml:"target,omitempty"` CriticalOptions CriticalOptions `yaml:"critical_options,omitempty"` Extensions Extensions `yaml:"extensions,omitempty"` }
Config settings for SSH key signing.
type CriticalOptions ¶
type CriticalOptions map[configCriticalOption]string
type Extensions ¶
type Extensions []configExtension
type Target ¶
type Target struct { Host string `yaml:"host,omitempty"` User dynamicvalue.ConfigValue `yaml:"user,omitempty"` Port int `yaml:"port,omitempty"` PublicKey string `yaml:"public_key,omitempty"` }
Click to show internal directories.
Click to hide internal directories.