Documentation ¶
Index ¶
- type Server
- func (s *Server) AdvertiseAddr() string
- func (s *Server) Close() error
- func (s *Server) Component() string
- func (s *Server) Context() context.Context
- func (s *Server) Dial() (net.Conn, error)
- func (s *Server) GetAccessPoint() srv.AccessPoint
- func (s Server) GetBPF() bpf.BPF
- func (s *Server) GetClock() clockwork.Clock
- func (s *Server) GetCreateHostUser() bool
- func (s *Server) GetDataDir() string
- func (s *Server) GetHostUsers() srv.HostUsers
- func (s *Server) GetInfo() types.Server
- func (s *Server) GetLockWatcher() *services.LockWatcher
- func (s *Server) GetNamespace() string
- func (s *Server) GetPAM() (*pam.Config, error)
- func (s Server) GetRestrictedSessionManager() restricted.Manager
- func (s *Server) GetUtmpPath() (string, string)
- func (s *Server) HostUUID() string
- func (s *Server) ID() string
- func (s *Server) PermitUserEnvironment() bool
- func (s *Server) Serve()
- func (s *Server) TargetMetadata() apievents.ServerMetadata
- func (s *Server) UseTunnel() bool
- type ServerConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Server ¶
```go
type Server struct {
	// StreamEmitter points to the auth service and emits audit events
	events.StreamEmitter
	// contains filtered or unexported fields
}
```
Server is a forwarding server. Server is used to create a single in-memory SSH server that will forward connections to a remote server. It's used along with the recording proxy to allow Teleport to record sessions with OpenSSH nodes at the proxy level.
To create a forwarding server and serve a single SSH connection on it:
```go
serverConfig := forward.ServerConfig{
	...
}
remoteServer, err := forward.New(serverConfig)
if err != nil {
	return nil, trace.Wrap(err)
}
go remoteServer.Serve()

conn, err := remoteServer.Dial()
if err != nil {
	return nil, trace.Wrap(err)
}
```
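The pattern described above (one in-memory server, one served connection, recording done at the proxy rather than on the node) can be modeled with the standard library alone. This is an added example, not Teleport code: `miniForwarder`, `runSession` and the upper-casing fake host are hypothetical, and plain byte relaying stands in for the SSH handshake and channels that the real `Server` handles.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
	"net"
)

// miniForwarder is a hypothetical model: one in-memory connection, relayed and recorded.
type miniForwarder struct {
	clientEnd, serverEnd net.Conn     // two ends of an in-memory net.Pipe
	target               net.Conn     // stands in for ServerConfig.TargetConn
	recording            bytes.Buffer // target output captured at the proxy
	done                 chan struct{}
}

// Dial returns the client side of the in-memory connection; no socket is opened.
func (f *miniForwarder) Dial() (net.Conn, error) { return f.clientEnd, nil }

// Serve relays a single connection, then closes both sides.
func (f *miniForwarder) Serve() {
	defer close(f.done)
	go io.Copy(f.target, f.serverEnd)                          // client -> target
	io.Copy(f.serverEnd, io.TeeReader(f.target, &f.recording)) // target -> client, teed
	f.serverEnd.Close()
	f.target.Close()
}

// runSession sends input through the forwarder to a constructed fake host and
// returns what the client saw and what the proxy recorded.
func runSession(input string) (reply, recorded string) {
	proxySide, hostSide := net.Pipe()
	go func() { // constructed fake remote host: upper-cases one message
		buf := make([]byte, 1024)
		n, _ := hostSide.Read(buf)
		hostSide.Write(bytes.ToUpper(buf[:n]))
		hostSide.Close()
	}()
	c, s := net.Pipe()
	f := &miniForwarder{clientEnd: c, serverEnd: s, target: proxySide, done: make(chan struct{})}
	go f.Serve()
	conn, _ := f.Dial()
	conn.Write([]byte(input))
	out, _ := io.ReadAll(conn) // returns once Serve closes its end
	<-f.done                   // recording is complete after Serve returns
	return string(out), f.recording.String()
}

func main() { fmt.Println(runSession("uptime\n")) }
```

The recording is taken from the stream the proxy relays, so the target host needs no agent of its own; that is the property that lets sessions on OpenSSH nodes be recorded.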
func (*Server) AdvertiseAddr ¶
AdvertiseAddr is the address of the remote host this forwarding server is connected to.
func (*Server) Close ¶
Close will close all underlying connections that the forwarding server holds.
func (*Server) Context ¶
Context returns the parent context, which is used to signal that the parent server has been closed.
func (*Server) GetAccessPoint ¶
func (s *Server) GetAccessPoint() srv.AccessPoint
GetAccessPoint returns a srv.AccessPoint for this cluster.
func (Server) GetBPF ¶
GetBPF returns the BPF service used by enhanced session recording. BPF makes no sense for the forwarding server (it has to run on the actual node), so this returns a NOP implementation.
func (*Server) GetCreateHostUser ¶
GetCreateHostUser determines whether users should be created on the host automatically.
func (*Server) GetDataDir ¶
GetDataDir returns the server's local storage.
func (*Server) GetHostUsers ¶
GetHostUsers returns the HostUsers instance being used to manage host user provisioning. It is unimplemented for the forwarding server.
func (*Server) GetLockWatcher ¶
func (s *Server) GetLockWatcher() *services.LockWatcher
GetLockWatcher gets the server's lock watcher.
func (*Server) GetNamespace ¶
GetNamespace returns the namespace the forwarding server resides in.
func (*Server) GetPAM ¶
GetPAM returns the PAM configuration for a server. Because the forwarding server runs in-memory, it does not support PAM.
func (Server) GetRestrictedSessionManager ¶
func (s Server) GetRestrictedSessionManager() restricted.Manager
GetRestrictedSessionManager returns a NOP manager, because a restricted session manager makes no sense for a forwarding server (it has to run on the actual node).
func (*Server) GetUtmpPath ¶
GetUtmpPath returns the optional override of the utmp and wtmp path. These values are never set for the forwarding server because utmp and wtmp are updated by the target server and not the forwarding server.
func (*Server) HostUUID ¶
HostUUID is the UUID of the underlying proxy that the forwarding server is running in.
func (*Server) PermitUserEnvironment ¶
PermitUserEnvironment is always false because it's up to the remote host to decide if the user environment will be read or not.
func (*Server) TargetMetadata ¶
func (s *Server) TargetMetadata() apievents.ServerMetadata
TargetMetadata returns metadata about the forwarding target.
type ServerConfig ¶
```go
type ServerConfig struct {
	AuthClient      auth.ClientI
	UserAgent       teleagent.Agent
	TargetConn      net.Conn
	SrcAddr         net.Addr
	DstAddr         net.Addr
	HostCertificate ssh.Signer

	// UseTunnel indicates if this server is connected over a reverse tunnel.
	UseTunnel bool

	// Address is the name of the host certificate.
	Address string

	// Ciphers is a list of ciphers that the server supports. If omitted,
	// the defaults will be used.
	Ciphers []string

	// KEXAlgorithms is a list of key exchange (KEX) algorithms that the
	// server supports. If omitted, the defaults will be used.
	KEXAlgorithms []string

	// MACAlgorithms is a list of message authentication codes (MAC) that
	// the server supports. If omitted, the defaults will be used.
	MACAlgorithms []string

	// DataDir is a local data directory used for local server storage
	DataDir string

	// Clock is an optional clock to override default real time clock
	Clock clockwork.Clock

	// FIPS mode means Teleport started in a FedRAMP/FIPS 140-2 compliant
	// configuration.
	FIPS bool

	// HostUUID is the UUID of the underlying proxy that the forwarding server
	// is running in.
	HostUUID string

	// Emitter is audit events emitter
	Emitter events.StreamEmitter

	// ParentContext is a parent context, used to signal global
	// closure
	ParentContext context.Context

	// LockWatcher is a lock watcher.
	LockWatcher *services.LockWatcher

	// TracerProvider is used to create tracers capable
	// of starting spans.
	TracerProvider oteltrace.TracerProvider

	TargetID, TargetAddr, TargetHostname string
}
```
ServerConfig is the configuration needed to create an instance of a Server.
func (*ServerConfig) CheckDefaults ¶
func (s *ServerConfig) CheckDefaults() error
CheckDefaults makes sure all required parameters are passed in.