forward

package
v4.1.3+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 24, 2019 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server is a forwarding server. Server is used to create a single in-memory SSH server that will forward connections to a remote server. It's used along with the recording proxy to allow Teleport to record sessions with OpenSSH nodes at the proxy level.

To create a forwarding server and serve a single SSH connection on it:

serverConfig := forward.ServerConfig{
   ...
}
remoteServer, err := forward.New(serverConfig)
if err != nil {
	return nil, trace.Wrap(err)
}
go remoteServer.Serve()

conn, err := remoteServer.Dial()
if err != nil {
	return nil, trace.Wrap(err)
}

func New

func New(c ServerConfig) (*Server, error)

New creates a new unstarted Server.

func (*Server) AdvertiseAddr

func (s *Server) AdvertiseAddr() string

AdvertiseAddr is the address of the remote host this forwarding server is connected to.

func (*Server) Close

func (s *Server) Close() error

Close will close all underlying connections that the forwarding server holds.

func (*Server) Component

func (s *Server) Component() string

Component is the type of node this server is.

func (*Server) Dial

func (s *Server) Dial() (net.Conn, error)

Dial returns the client connection created by pipeAddrConn.

func (*Server) EmitAuditEvent

func (s *Server) EmitAuditEvent(event events.Event, fields events.EventFields)

EmitAuditEvent sends an event to the Audit Log.

func (*Server) GetAccessPoint

func (s *Server) GetAccessPoint() auth.AccessPoint

GetAccessPoint returns an auth.AccessPoint for this cluster.

func (*Server) GetAuditLog

func (s *Server) GetAuditLog() events.IAuditLog

GetAuditLog returns the Audit Log for this cluster.

func (*Server) GetClock

func (s *Server) GetClock() clockwork.Clock

GetClock returns server clock implementation

func (*Server) GetDataDir

func (s *Server) GetDataDir() string

GetDataDir returns server local storage

func (*Server) GetInfo

func (s *Server) GetInfo() services.Server

GetInfo returns a services.Server that represents this server.

func (*Server) GetNamespace

func (s *Server) GetNamespace() string

GetNamespace returns the namespace the forwarding server resides in.

func (*Server) GetPAM

func (s *Server) GetPAM() (*pam.Config, error)

GetPAM returns the PAM configuration for a server. Because the forwarding server runs in-memory, it does not support PAM.

func (*Server) GetSessionServer

func (s *Server) GetSessionServer() session.Service

GetSessionServer returns a session server.

func (*Server) HostUUID

func (s *Server) HostUUID() string

HostUUID is the UUID of the underlying proxy that the forwarding server is running in.

func (*Server) ID

func (s *Server) ID() string

ID returns the ID of the proxy that creates the in-memory forwarding server.

func (*Server) PermitUserEnvironment

func (s *Server) PermitUserEnvironment() bool

PermitUserEnvironment is always false because it's up the the remote host to decide if the user environment will be read or not.

func (*Server) Serve

func (s *Server) Serve()

func (*Server) UseTunnel

func (s *Server) UseTunnel() bool

UseTunnel used to determine if this node has connected to this cluster using reverse tunnel.

type ServerConfig

type ServerConfig struct {
	AuthClient      auth.ClientI
	UserAgent       agent.Agent
	TargetConn      net.Conn
	SrcAddr         net.Addr
	DstAddr         net.Addr
	HostCertificate ssh.Signer

	// UseTunnel indicates of this server is connected over a reverse tunnel.
	UseTunnel bool

	// Address is the name of the host certificate.
	Address string

	// Ciphers is a list of ciphers that the server supports. If omitted,
	// the defaults will be used.
	Ciphers []string

	// KEXAlgorithms is a list of key exchange (KEX) algorithms that the
	// server supports. If omitted, the defaults will be used.
	KEXAlgorithms []string

	// MACAlgorithms is a list of message authentication codes (MAC) that
	// the server supports. If omitted the defaults will be used.
	MACAlgorithms []string

	// DataDir is a local data directory used for local server storage
	DataDir string

	// Clock is an optoinal clock to override default real time clock
	Clock clockwork.Clock

	// FIPS mode means Teleport started in a FedRAMP/FIPS 140-2 compliant
	// configuration.
	FIPS bool

	// HostUUID is the UUID of the underlying proxy that the forwarding server
	// is running in.
	HostUUID string
}

ServerConfig is the configuration needed to create an instance of a Server.

func (*ServerConfig) CheckDefaults

func (s *ServerConfig) CheckDefaults() error

CheckDefaults makes sure all required parameters are passed in.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL