identityfile

package
v0.0.0-...-47c0216
Warning

This package is not in the latest version of its module.

Published: Dec 19, 2024 License: Apache-2.0 Imports: 14 Imported by: 4

Documentation

Overview

Package identityfile implements parsing and serialization of Teleport identity files.


Constants

const (
	// FilePermissions defines file permissions for identity files.
	//
	// Specifically, for postgres, this must be 0600 or 0640 (choosing 0600 as it's more restrictive)
	// https://www.postgresql.org/docs/current/libpq-ssl.html
	// On Unix systems, the permissions on the private key file must disallow any access to world or group;
	//  achieve this by a command such as chmod 0600 ~/.postgresql/postgresql.key.
	// Alternatively, the file can be owned by root and have group read access (that is, 0640 permissions).
	//
	// Other services should accept 0600 as well, if not, we must change the Write function (in `lib/client/identityfile/identity.go`)
	FilePermissions = 0600
)

Variables

This section is empty.

Functions

func Encode

func Encode(idFile *IdentityFile) ([]byte, error)

Encode encodes the given identityFile to bytes.

func Write

func Write(idFile *IdentityFile, path string) error

Write writes the given identityFile to the specified path.

Types

type CACerts

type CACerts struct {
	// SSH are CA certs used for SSH in known_hosts format.
	SSH [][]byte
	// TLS are CA certs used for TLS.
	TLS [][]byte
}

CACerts contains PEM encoded CA certificates.

type Certs

type Certs struct {
	// SSH is a cert used for SSH.
	SSH []byte
	// TLS is a cert used for TLS.
	TLS []byte
}

Certs contains PEM encoded certificates.

type IdentityFile

type IdentityFile struct {
	// PrivateKey is PEM encoded private key data.
	PrivateKey []byte
	// Certs contains PEM encoded certificates.
	Certs Certs
	// CACerts contains PEM encoded CA certificates.
	CACerts CACerts
}

IdentityFile represents the basic components of an identity file.

func FromString

func FromString(content string) (*IdentityFile, error)

FromString reads an identity file from a string.

func Read

func Read(r io.Reader) (*IdentityFile, error)

Read reads an identity file from a generic io.Reader.

func ReadFile

func ReadFile(path string) (*IdentityFile, error)

ReadFile reads an identity file from a given path.

func (*IdentityFile) Expiry

func (i *IdentityFile) Expiry() (time.Time, bool)

Expiry returns the credential expiry.

func (*IdentityFile) SSHClientConfig

func (i *IdentityFile) SSHClientConfig() (*ssh.ClientConfig, error)

SSHClientConfig returns the identity file's associated SSHClientConfig.

func (*IdentityFile) TLSConfig

func (i *IdentityFile) TLSConfig() (*tls.Config, error)

TLSConfig returns the identity file's associated TLSConfig.
