access

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 15, 2024 License: AGPL-3.0 Imports: 16 Imported by: 0

Documentation

Overview

Package access provides an API for accessing jump. Jump is aware of the roles of hosts and clients in establishing ssh connections, and will allocate unique connections to new clients. It requires crossbar to trigger the SSH host to connect AFTER the client has connected, because SSH is a server-speaks-first protocol. Hence access does not need to transmit the URI of the unique connection to the host because shellbar will do this when the client makes its websocket connection. There is no guarantee a host is connected at any given time, and if it drops its management channel which is connected to the base session_id, then it cannot be reached. As crossbar puts a websocket wrapper around the already-encrypted TCP/IP, the communication remains encrypted end-to-end. For more details on SSH security properties, see https://docstore.mik.ua/orelly/networking_2ndEd/ssh/ch03_01.htm

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func API 

func API(ctx context.Context, config Config)

API starts the API Inputs @closed - channel will be closed when server shutsdown @wg - waitgroup, we must wg.Done() when we are shutdown @port - where to listen locally @host - external FQDN of the host (for checking against tokens) e.g. https://relay-access.practable.io @target - FQDN of the relay instance e.g. wss://relay.practable.io @secret- HMAC shared secret which incoming tokens will be signed with @cs - pointer to the CodeStore this API shares with the shellbar websocket relay @options - for future backwards compatibility (no options currently available)

func Token added in v0.3.0 

func Token(audience, ct, topic, secret string, scopes []string, iat, nbf, exp int64) (string, error)

Token returns a signed token

Types

type Config added in v0.3.0 

type Config struct {

	// Audience must match the host in token
	Audience string

	// ExchangeCode swaps a code for the associated Token
	CodeStore *ttlcode.CodeStore

	// Listen is the port this service listens on
	Listen int

	// Secret is used to validate tokens
	Secret string

	//Target is the FQDN of the relay instance
	Target string
}

Config represents configuration of the relay & lets configuration be passed as argument to permit testing

Source Files

View all Source files

Directories

Path Synopsis
Package restapi access
 Package restapi access
operations

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.