Documentation ¶
Index ¶
- Variables
- func AddHostSignersToCache(hostSigners []services.CertAuthority) error
- func CheckHostSignature(hostId string, remote net.Addr, key ssh.PublicKey) error
- func GetLocalAgent() (agent.Agent, error)
- func GetLocalAgentKeys() ([]agent.AddedKey, error)
- func GetTokenFromHOTPMockFile(path string) (token string, e error)
- func ParseLabelSpec(spec string) (map[string]string, error)
- func Username() string
- type Config
- type HOTPMock
- type Key
- type NodeClient
- func (client *NodeClient) Close() error
- func (client *NodeClient) Download(remoteSourcePath, localDestinationPath string, isDir bool) error
- func (client *NodeClient) Run(cmd string, output io.Writer) error
- func (client *NodeClient) Shell(width, height int, sessionID session.ID) (io.ReadWriteCloser, error)
- func (client *NodeClient) Upload(localSourcePath, remoteDestinationPath string) error
- type ProxyClient
- func (proxy *ProxyClient) Close() error
- func (proxy *ProxyClient) ConnectToNode(nodeAddress string, user string) (*NodeClient, error)
- func (proxy *ProxyClient) ConnectToSite(siteName string, user string) (auth.ClientI, error)
- func (proxy *ProxyClient) FindServersByLabels(labels map[string]string) ([]services.Server, error)
- func (proxy *ProxyClient) GetSites() ([]services.Site, error)
- type TeleportClient
- func (tc *TeleportClient) AskPasswordAndHOTP() (pwd string, token string, err error)
- func (tc *TeleportClient) ConnectToProxy() (*ProxyClient, error)
- func (tc *TeleportClient) Join(sessionID session.ID) (err error)
- func (tc *TeleportClient) ListNodes() ([]services.Server, error)
- func (tc *TeleportClient) Login() error
- func (tc *TeleportClient) SCP(args []string, port int, recursive bool) (err error)
- func (tc *TeleportClient) SSH(command string) (err error)
Variables ¶
var (
	KeyFilePrefix       = "teleport_"
	KeyFileSuffix       = ".tkey"
	HostSignersFilename = "hostsigners.db"
)
Functions ¶
func AddHostSignersToCache ¶
func AddHostSignersToCache(hostSigners []services.CertAuthority) error
AddHostSignersToCache takes a list of CAs whom we trust. This list is added to a database of "seen" CAs.
Every time we connect to a new host, we'll require its certificate to be signed by one of these trusted CAs.
Why do we trust these CAs? Because we received them from a trusted Teleport Proxy. Why do we trust the proxy? Because we've connected to it via HTTPS + username + password + HOTP.
func CheckHostSignature ¶
CheckHostSignature checks if the given host key was signed by one of the trusted certificate authorities (CAs).
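The trust decision described above, as an added example that is not Teleport's code: a host key is accepted only when it is bound to the expected host ID and its signature verifies under a CA key already in the local cache. The `hostCert` type and the `tbs`, `issue` and `checkHost` functions are hypothetical, and the model uses plain Ed25519 signatures rather than the SSH certificate format.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// hostCert is a simplified model of a signed host key, not the SSH certificate format.
type hostCert struct {
	HostID  string
	HostKey ed25519.PublicKey
	Issuer  ed25519.PublicKey // CA key the certificate claims as its signer
	Sig     []byte            // CA signature over HostID and HostKey
}

// tbs returns the bytes the CA signs; binding the host ID stops reuse for another host.
func tbs(hostID string, key ed25519.PublicKey) []byte {
	return append([]byte(hostID+"\x00"), key...)
}

// issue signs a host key with a CA private key (the issuing side, for the demo).
func issue(ca ed25519.PrivateKey, hostID string, key ed25519.PublicKey) hostCert {
	issuer := ca.Public().(ed25519.PublicKey)
	return hostCert{hostID, key, issuer, ed25519.Sign(ca, tbs(hostID, key))}
}

// checkHost accepts a cert only if it names the expected host and verifies under a cached CA.
func checkHost(trusted []ed25519.PublicKey, hostID string, c hostCert) error {
	if c.HostID != hostID {
		return errors.New("certificate was issued for a different host")
	}
	for _, ca := range trusted {
		if bytes.Equal(ca, c.Issuer) && ed25519.Verify(ca, tbs(c.HostID, c.HostKey), c.Sig) {
			return nil
		}
	}
	return errors.New("host key is not signed by a trusted CA")
}

func main() {
	_, ca, _ := ed25519.GenerateKey(nil) // constructed demo keys
	host, _, _ := ed25519.GenerateKey(nil)
	trusted := []ed25519.PublicKey{ca.Public().(ed25519.PublicKey)}
	fmt.Println(checkHost(trusted, "node-1", issue(ca, "node-1", host)))
}
```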
func GetLocalAgent ¶
GetLocalAgent loads all the saved teleport certificates and creates an SSH agent with them
func GetLocalAgentKeys ¶
GetLocalAgentKeys returns a list of local keys agents can use to authenticate
func GetTokenFromHOTPMockFile ¶
GetTokenFromHOTPMockFile opens a HOTPMock from a file, gets the token value, increments the HOTP counter and saves it back to the file. Returns the HOTP token value.
func ParseLabelSpec ¶ added in v1.0.0
ParseLabelSpec parses a string like 'name=value,"long name"="quoted value"' into a map like { "name" -> "value", "long name" -> "quoted value" }
Types ¶
type Config ¶ added in v1.0.0
type Config struct {
	// Login is a teleport user login
	Login string
	// Remote host to connect
	Host string
	// Labels represent host Labels
	Labels map[string]string
	// HostLogin is a user login on a remote host
	HostLogin string
	// HostPort is a remote host port to connect to
	HostPort int
	// ProxyHost is a host or IP of the proxy (with optional ":port")
	ProxyHost string
	// KeyTTL is a time to live for the temporary SSH keypair to remain valid:
	KeyTTL time.Duration
	// InsecureSkipVerify is an option to skip HTTPS cert check
	InsecureSkipVerify bool
}
Config is a client config
func (*Config) NodeHostPort ¶ added in v1.0.0
NodeHostPort returns a host:port string based on user-supplied data: either the host:port the user set in the connection string, or the port supplied with the -p flag. If the user has set both, the -p flag is ignored.
func (*Config) ProxyHostPort ¶ added in v1.0.0
ProxyHostPort returns a full host:port address of the proxy or an empty string if no proxy is given. If 'forWeb' flag is set, returns HTTPS port, otherwise returns SSH port (proxy servers listen on both)
func (*Config) ProxySpecified ¶ added in v1.0.0
ProxySpecified returns true if proxy has been specified
type HOTPMock ¶
HOTPMock is a HOTP that can be saved to or loaded from a file. Using HOTPMock disables the HOTP security level; don't use it in production.
func CreateHOTPMock ¶
func LoadHOTPMockFromFile ¶
func (*HOTPMock) SaveToFile ¶
type NodeClient ¶
type NodeClient struct {
	Client *ssh.Client
	Proxy  *ProxyClient
}
NodeClient implements an SSH client to an SSH node (teleport or any regular SSH node). NodeClient can run a shell and commands, or upload and download files.
func (*NodeClient) Close ¶
func (client *NodeClient) Close() error
func (*NodeClient) Download ¶
func (client *NodeClient) Download(remoteSourcePath, localDestinationPath string, isDir bool) error
Download downloads file or dir from the remote server
func (*NodeClient) Run ¶
func (client *NodeClient) Run(cmd string, output io.Writer) error
Run executes command on the remote server and writes its stdout to the 'output' argument
func (*NodeClient) Shell ¶
func (client *NodeClient) Shell(width, height int, sessionID session.ID) (io.ReadWriteCloser, error)
Shell returns a remote shell as an io.ReadWriteCloser object
func (*NodeClient) Upload ¶
func (client *NodeClient) Upload(localSourcePath, remoteDestinationPath string) error
Upload uploads file or dir to the remote server
type ProxyClient ¶
ProxyClient implements an SSH client to a teleport proxy. It can provide a list of nodes or connect to nodes.
func (*ProxyClient) Close ¶
func (proxy *ProxyClient) Close() error
func (*ProxyClient) ConnectToNode ¶
func (proxy *ProxyClient) ConnectToNode(nodeAddress string, user string) (*NodeClient, error)
ConnectToNode connects to the SSH server via the proxy. It returns a connected and authenticated NodeClient.
func (*ProxyClient) ConnectToSite ¶ added in v1.0.0
ConnectToSite connects to the auth server of the given site via the proxy. It returns a connected and authenticated auth server client.
func (*ProxyClient) FindServersByLabels ¶ added in v1.0.0
FindServersByLabels returns list of the nodes which have labels exactly matching the given label set.
A server is matched when ALL labels match. If no labels are passed, ALL nodes are returned.
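The label spec format documented for ParseLabelSpec and the matching rule documented for FindServersByLabels, as one added example that is not Teleport's code. `parseLabels` and `matchAll` are hypothetical names, the sample spec and node labels are constructed, and rejecting malformed specs (missing `=`, empty name, trailing comma, unterminated quote) is a choice made for this example.

```go
package main

import (
	"fmt"
	"strings"
)

// parseLabels is an illustrative parser, not Teleport's code; quotes protect ',' and '='.
func parseLabels(spec string) (map[string]string, error) {
	labels := map[string]string{}
	if strings.TrimSpace(spec) == "" {
		return labels, nil // empty spec yields an empty selector
	}
	var key, cur string
	var inQuote, haveKey bool
	for _, r := range spec + "," { // trailing comma flushes the last pair
		switch {
		case r == '"':
			inQuote = !inQuote
		case r == '=' && !inQuote && !haveKey:
			key, cur, haveKey = strings.TrimSpace(cur), "", true
		case r == ',' && !inQuote:
			if !haveKey || key == "" {
				return nil, fmt.Errorf("bad label near %q, want name=value", cur)
			}
			labels[key], cur, haveKey = strings.TrimSpace(cur), "", false
		default:
			cur += string(r)
		}
	}
	if inQuote {
		return nil, fmt.Errorf("unterminated quote in %q", spec)
	}
	return labels, nil
}

// matchAll: ALL selector labels must match; an empty selector matches every node.
func matchAll(node, selector map[string]string) bool {
	for k, v := range selector {
		if got, ok := node[k]; !ok || got != v {
			return false
		}
	}
	return true
}

func main() {
	sel, err := parseLabels(`env=prod,"data center"="us east, 1"`) // constructed spec
	fmt.Println(sel, err, matchAll(map[string]string{"env": "prod"}, sel))
}
```

Because an empty selector matches every node, a caller that runs a command across the result of a label query may want to treat an empty spec as an explicit choice rather than a default.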
func (*ProxyClient) GetSites ¶ added in v1.0.0
func (proxy *ProxyClient) GetSites() ([]services.Site, error)
GetSites returns a list of the "sites" (AKA teleport clusters) connected to the proxy. Each site is returned as an instance of its auth server.
NOTE: this version of teleport supports only one site per proxy
type TeleportClient ¶ added in v1.0.0
type TeleportClient struct {
	Config
	// contains filtered or unexported fields
}
TeleportClient is a wrapper around SSH client with teleport specific workflow built in
func NewClient ¶ added in v1.0.0
func NewClient(c *Config) (tc *TeleportClient, err error)
NewClient creates a TeleportClient object and fully configures it
func (*TeleportClient) AskPasswordAndHOTP ¶ added in v1.0.0
func (tc *TeleportClient) AskPasswordAndHOTP() (pwd string, token string, err error)
AskPasswordAndHOTP prompts the user to enter the password + HOTP 2nd factor
func (*TeleportClient) ConnectToProxy ¶ added in v1.0.0
func (tc *TeleportClient) ConnectToProxy() (*ProxyClient, error)
ConnectToProxy dials the proxy server and returns ProxyClient if successful
func (*TeleportClient) Join ¶ added in v1.0.0
func (tc *TeleportClient) Join(sessionID session.ID) (err error)
Join connects to the existing/active SSH session
func (*TeleportClient) ListNodes ¶ added in v1.0.0
func (tc *TeleportClient) ListNodes() ([]services.Server, error)
ListNodes returns a list of nodes connected to a proxy
func (*TeleportClient) Login ¶ added in v1.0.0
func (tc *TeleportClient) Login() error
Login asks for a password + HOTP token, makes a request to the CA via the proxy and saves the generated credentials into the local keystore for future use
func (*TeleportClient) SCP ¶ added in v1.0.0
func (tc *TeleportClient) SCP(args []string, port int, recursive bool) (err error)
SCP securely copies file(s) from one SSH server to another
func (*TeleportClient) SSH ¶ added in v1.0.0
func (tc *TeleportClient) SSH(command string) (err error)
SSH connects to a node and, if 'command' is specified, executes the command on it, otherwise runs interactive shell