sftpd

Version: v1.1.1
This package is not in the latest version of its module.
Published: Oct 17, 2020 License: GPL-3.0 Imports: 34 Imported by: 0

Documentation

Overview

Package sftpd implements the SSH File Transfer Protocol as described in https://tools.ietf.org/html/draft-ietf-secsh-filexfer-02. It uses the pkg/sftp library: https://github.com/pkg/sftp

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetDefaultSSHCommands

func GetDefaultSSHCommands() []string

GetDefaultSSHCommands returns the SSH commands enabled as default

func GetSupportedSSHCommands

func GetSupportedSSHCommands() []string

GetSupportedSSHCommands returns the supported SSH commands

Types

type Configuration

type Configuration struct {
	// Identification string used by the server
	Banner string `json:"banner" mapstructure:"banner"`
	// The port used for serving SFTP requests
	BindPort int `json:"bind_port" mapstructure:"bind_port"`
	// The address to listen on. A blank value means listen on all available network interfaces.
	BindAddress string `json:"bind_address" mapstructure:"bind_address"`
	// Deprecated: please use the same key in common configuration
	IdleTimeout int `json:"idle_timeout" mapstructure:"idle_timeout"`
	// Maximum number of authentication attempts permitted per connection.
	// If set to a negative number, the number of attempts is unlimited.
	// If set to zero, the number of attempts is limited to 6.
	MaxAuthTries int `json:"max_auth_tries" mapstructure:"max_auth_tries"`
	// Deprecated: please use the same key in common configuration
	UploadMode int `json:"upload_mode" mapstructure:"upload_mode"`
	// Actions to execute on file operations and SSH commands
	Actions common.ProtocolActions `json:"actions" mapstructure:"actions"`
	// Deprecated: please use HostKeys
	Keys []Key `json:"keys" mapstructure:"keys"`
	// HostKeys define the daemon's private host keys.
	// Each host key can be defined as a path relative to the configuration directory or an absolute one.
	// If empty or missing, the daemon will search or try to generate "id_rsa" and "id_ecdsa" host keys
	// inside the configuration directory.
	HostKeys []string `json:"host_keys" mapstructure:"host_keys"`
	// KexAlgorithms specifies the available KEX (Key Exchange) algorithms in
	// preference order.
	KexAlgorithms []string `json:"kex_algorithms" mapstructure:"kex_algorithms"`
	// Ciphers specifies the ciphers allowed
	Ciphers []string `json:"ciphers" mapstructure:"ciphers"`
	// MACs specifies the available MAC (message authentication code) algorithms
	// in preference order
	MACs []string `json:"macs" mapstructure:"macs"`
	// TrustedUserCAKeys specifies a list of public key paths of certificate authorities
	// that are trusted to sign user certificates for authentication.
	// The paths can be absolute or relative to the configuration directory
	TrustedUserCAKeys []string `json:"trusted_user_ca_keys" mapstructure:"trusted_user_ca_keys"`
	// LoginBannerFile is the path to a file whose contents, if any, are sent to
	// the remote user before authentication is allowed.
	LoginBannerFile string `json:"login_banner_file" mapstructure:"login_banner_file"`
	// Deprecated: please use the same key in common configuration
	SetstatMode int `json:"setstat_mode" mapstructure:"setstat_mode"`
	// List of enabled SSH commands.
	// We support the following SSH commands:
	// - "scp". SCP is an experimental feature, we have our own SCP implementation since
	//      we can't rely on the scp system command to properly handle permissions, quota and
	//      the user's home dir restrictions.
	//      The SCP protocol is quite simple but there are no official docs about it,
	//      so we need more testing and feedback before enabling it by default.
	//      We may not handle some borderline cases or have sneaky bugs.
	//      Please do accurate tests yourself before enabling SCP and let us know
	//      if something does not work as expected for your use cases.
	//      SCP between two remote hosts is supported using the `-3` scp option.
	// - "md5sum", "sha1sum", "sha256sum", "sha384sum", "sha512sum". Useful to check message
	//      digests for uploaded files. These commands are implemented inside SFTPGo so they
	//      work even if the matching system commands are not available, for example on Windows.
	// - "cd", "pwd". Some mobile SFTP clients do not support the SFTP SSH_FXP_REALPATH and so
	//      they use "cd" and "pwd" SSH commands to get the initial directory.
	//      Currently `cd` does nothing and `pwd` always returns the "/" path.
	//
	// The following SSH commands are enabled by default: "md5sum", "sha1sum", "cd", "pwd".
	// "*" enables all supported SSH commands.
	EnabledSSHCommands []string `json:"enabled_ssh_commands" mapstructure:"enabled_ssh_commands"`
	// Absolute path to an external program or an HTTP URL to invoke for keyboard interactive authentication.
	// Leave empty to disable this authentication mode.
	KeyboardInteractiveHook string `json:"keyboard_interactive_auth_hook" mapstructure:"keyboard_interactive_auth_hook"`
	// PasswordAuthentication specifies whether password authentication is allowed.
	PasswordAuthentication bool `json:"password_authentication" mapstructure:"password_authentication"`
	// Deprecated: please use the same key in common configuration
	ProxyProtocol int `json:"proxy_protocol" mapstructure:"proxy_protocol"`
	// Deprecated: please use the same key in common configuration
	ProxyAllowed []string `json:"proxy_allowed" mapstructure:"proxy_allowed"`
	// contains filtered or unexported fields
}

Configuration for the SFTP server
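
The struct comments above mark several keys as deprecated and describe settings that widen exposure: a negative max_auth_tries removes the per-connection attempt limit, and "*" or "scp" in enabled_ssh_commands turns on the experimental SCP implementation. The following Go program is an added example, not part of the SFTPGo code base; auditSFTPD is a hypothetical helper that reviews a JSON object using these keys, and the sample input is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Subset of the Configuration JSON keys documented in the struct above.
type sftpdConfig struct {
	MaxAuthTries       int      `json:"max_auth_tries"`
	EnabledSSHCommands []string `json:"enabled_ssh_commands"`
}

// Keys whose struct comments say "Deprecated".
var deprecatedKeys = []string{"idle_timeout", "keys", "proxy_allowed", "proxy_protocol", "setstat_mode", "upload_mode"}
// Constructed sample input, not taken from a real deployment.
const weakSample = `{"max_auth_tries": -1, "keys": [{"private_key": "id_rsa"}], "upload_mode": 1, "enabled_ssh_commands": ["md5sum", "*"]}`

// auditSFTPD (hypothetical helper) returns one finding per deprecated or risky setting.
func auditSFTPD(raw []byte) ([]string, error) {
	var present map[string]json.RawMessage // detects keys that are set at all
	var cfg sftpdConfig
	if err := json.Unmarshal(raw, &present); err != nil {
		return nil, err
	}
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return nil, err
	}
	var findings []string
	for _, k := range deprecatedKeys {
		if _, ok := present[k]; ok {
			findings = append(findings, "deprecated key in use: "+k)
		}
	}
	if cfg.MaxAuthTries < 0 {
		findings = append(findings, "max_auth_tries is negative: authentication attempts are unlimited")
	}
	for _, c := range cfg.EnabledSSHCommands {
		if c == "*" || c == "scp" {
			findings = append(findings, "enabled_ssh_commands includes "+c+": experimental SCP is enabled")
		}
	}
	return findings, nil
}

func main() {
	findings, err := auditSFTPD([]byte(weakSample))
	fmt.Println(findings, err)
}
```

A missing max_auth_tries key decodes to zero here, which the struct comment documents as a limit of 6 attempts, so it is not reported.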

func (Configuration) AcceptInboundConnection

func (c Configuration) AcceptInboundConnection(conn net.Conn, config *ssh.ServerConfig)

AcceptInboundConnection handles an inbound connection to the server instance and determines if the request should be served or not.

func (Configuration) Initialize

func (c Configuration) Initialize(configDir string) error

Initialize the SFTP server and add a persistent listener to handle inbound SFTP connections.

type Connection

type Connection struct {
	*common.BaseConnection
	// client's version string
	ClientVersion string
	// Remote address for this connection
	RemoteAddr net.Addr
	// contains filtered or unexported fields
}

Connection details for an authenticated user

func (*Connection) Disconnect added in v1.1.0

func (c *Connection) Disconnect() error

Disconnect disconnects the client, closing the network connection

func (*Connection) Filecmd

func (c *Connection) Filecmd(request *sftp.Request) error

Filecmd is the handler for basic SFTP system calls related to files, but not anything to do with reading or writing to those files.

func (*Connection) Filelist

func (c *Connection) Filelist(request *sftp.Request) (sftp.ListerAt, error)

Filelist is the handler for SFTP filesystem list calls. This will handle calls to list the contents of a directory as well as perform file/folder stat calls.

func (*Connection) Fileread

func (c *Connection) Fileread(request *sftp.Request) (io.ReaderAt, error)

Fileread creates a reader for a file on the system and returns the reader back.

func (*Connection) Filewrite

func (c *Connection) Filewrite(request *sftp.Request) (io.WriterAt, error)

Filewrite handles the write actions for a file on the system.

func (*Connection) GetClientVersion added in v1.1.0

func (c *Connection) GetClientVersion() string

GetClientVersion returns the connected client's version

func (*Connection) GetCommand added in v1.1.0

func (c *Connection) GetCommand() string

GetCommand returns the SSH command, if any

func (*Connection) GetRemoteAddress added in v1.1.0

func (c *Connection) GetRemoteAddress() string

GetRemoteAddress returns the connected client's address

func (*Connection) Lstat added in v1.1.0

func (c *Connection) Lstat(request *sftp.Request) (sftp.ListerAt, error)

Lstat implements LstatFileLister interface

func (*Connection) OpenFile added in v1.1.0

func (c *Connection) OpenFile(request *sftp.Request) (sftp.WriterAtReaderAt, error)

OpenFile implements OpenFileWriter interface

type Key

type Key struct {
	// The private key path as absolute path or relative to the configuration directory
	PrivateKey string `json:"private_key" mapstructure:"private_key"`
}

Key contains information about host keys.

Deprecated: please use HostKeys
