Documentation ¶
Overview ¶
Package regular implements SSH server that supports multiplexing tunneling, SSH connections proxying and only supports Key based auth
Index ¶
- type RotationGetter
- type Server
- func (s *Server) Addr() string
- func (s *Server) AdvertiseAddr() string
- func (s *Server) Close() error
- func (s *Server) Component() string
- func (s *Server) EmitAuditEvent(event events.Event, fields events.EventFields)
- func (s *Server) GetAccessPoint() auth.AccessPoint
- func (s *Server) GetAuditLog() events.IAuditLog
- func (s *Server) GetBPF() bpf.BPF
- func (s *Server) GetClock() clockwork.Clock
- func (s *Server) GetDataDir() string
- func (s *Server) GetInfo() services.Server
- func (s *Server) GetNamespace() string
- func (s *Server) GetPAM() (*pam.Config, error)
- func (s *Server) GetSessionServer() rsession.Service
- func (s *Server) HandleConnection(conn net.Conn)
- func (s *Server) HandleNewChan(ccx *sshutils.ConnectionContext, nch ssh.NewChannel)
- func (s *Server) HandleRequest(r *ssh.Request)
- func (s *Server) HostUUID() string
- func (s *Server) ID() string
- func (s *Server) PermitUserEnvironment() bool
- func (s *Server) Serve(l net.Listener) error
- func (s *Server) Shutdown(ctx context.Context) error
- func (s *Server) Start() error
- func (s *Server) UseTunnel() bool
- func (s *Server) Wait()
- type ServerOption
- func SetAuditLog(alog events.IAuditLog) ServerOption
- func SetBPF(ebpf bpf.BPF) ServerOption
- func SetCiphers(ciphers []string) ServerOption
- func SetFIPS(fips bool) ServerOption
- func SetKEXAlgorithms(kexAlgorithms []string) ServerOption
- func SetLabels(labels map[string]string, cmdLabels services.CommandLabels) ServerOption
- func SetLimiter(limiter *limiter.Limiter) ServerOption
- func SetMACAlgorithms(macAlgorithms []string) ServerOption
- func SetNamespace(namespace string) ServerOption
- func SetPAMConfig(pamConfig *pam.Config) ServerOption
- func SetPermitUserEnvironment(permitUserEnvironment bool) ServerOption
- func SetProxyMode(tsrv reversetunnel.Server) ServerOption
- func SetRotationGetter(getter RotationGetter) ServerOption
- func SetSessionServer(sessionServer rsession.Service) ServerOption
- func SetShell(shell string) ServerOption
- func SetUUID(uuid string) ServerOption
- func SetUseTunnel(useTunnel bool) ServerOption
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type RotationGetter ¶
RotationGetter returns rotation state
type Server ¶
Server implements SSH server that uses configuration backend and certificate-based authentication
func New ¶
func New(addr utils.NetAddr, hostname string, signers []ssh.Signer, authService auth.AccessPoint, dataDir string, advertiseAddr string, proxyPublicAddr utils.NetAddr, options ...ServerOption) (*Server, error)
New returns an unstarted server
func (*Server) AdvertiseAddr ¶
AdvertiseAddr returns an address this server should be publicly accessible as, in "ip:host" form
func (*Server) EmitAuditEvent ¶
func (s *Server) EmitAuditEvent(event events.Event, fields events.EventFields)
EmitAuditEvent logs a given event to the audit log attached to the server who owns these sessions
func (*Server) GetAccessPoint ¶
func (s *Server) GetAccessPoint() auth.AccessPoint
func (*Server) GetAuditLog ¶
func (*Server) GetNamespace ¶
func (*Server) GetSessionServer ¶
func (*Server) HandleConnection ¶
HandleConnection is called after a connection has been accepted and starts to perform the SSH handshake immediately.
func (*Server) HandleNewChan ¶
func (s *Server) HandleNewChan(ccx *sshutils.ConnectionContext, nch ssh.NewChannel)
HandleNewChan is called when new channel is opened
func (*Server) HandleRequest ¶
HandleRequest processes global out-of-band requests. Global out-of-band requests are processed in order (this way the originator knows which request we are responding to). If Teleport does not support the request type or an error occurs while processing that request Teleport will reply req.Reply(false, nil).
For more details: https://tools.ietf.org/html/rfc4254.html#page-4
func (*Server) HostUUID ¶
HostUUID is the ID of the server. This value is the same as ID, it is different from the forwarding server.
func (*Server) PermitUserEnvironment ¶
PermitUserEnvironment returns if ~/.tsh/environment will be read before a session is created by this server.
type ServerOption ¶
ServerOption is a functional option passed to the server
func SetAuditLog ¶
func SetAuditLog(alog events.IAuditLog) ServerOption
SetAuditLog assigns an audit log interfaces to this server
func SetBPF ¶
func SetBPF(ebpf bpf.BPF) ServerOption
func SetCiphers ¶
func SetCiphers(ciphers []string) ServerOption
func SetFIPS ¶
func SetFIPS(fips bool) ServerOption
func SetKEXAlgorithms ¶
func SetKEXAlgorithms(kexAlgorithms []string) ServerOption
func SetLabels ¶
func SetLabels(labels map[string]string, cmdLabels services.CommandLabels) ServerOption
SetLabels sets dynamic and static labels that server will report to the auth servers
func SetLimiter ¶
func SetLimiter(limiter *limiter.Limiter) ServerOption
SetLimiter sets rate and connection limiter for this server
func SetMACAlgorithms ¶
func SetMACAlgorithms(macAlgorithms []string) ServerOption
func SetNamespace ¶
func SetNamespace(namespace string) ServerOption
func SetPAMConfig ¶
func SetPAMConfig(pamConfig *pam.Config) ServerOption
func SetPermitUserEnvironment ¶
func SetPermitUserEnvironment(permitUserEnvironment bool) ServerOption
SetPermitUserEnvironment allows you to set the value of permitUserEnvironment.
func SetProxyMode ¶
func SetProxyMode(tsrv reversetunnel.Server) ServerOption
SetProxyMode starts this server in SSH proxying mode
func SetRotationGetter ¶
func SetRotationGetter(getter RotationGetter) ServerOption
SetRotationGetter sets rotation state getter
func SetSessionServer ¶
func SetSessionServer(sessionServer rsession.Service) ServerOption
SetSessionServer represents realtime session registry server
func SetShell ¶
func SetShell(shell string) ServerOption
SetShell sets default shell that will be executed for interactive sessions
func SetUseTunnel ¶
func SetUseTunnel(useTunnel bool) ServerOption