regular

package
v4.2.0-rc.2+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 9, 2019 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Overview

Package regular implements SSH server that supports multiplexing tunneling, SSH connections proxying and only supports Key based auth

Index

Constants

View Source
const (
	// ChanDirectTCPIP is a direct tcp ip channel
	ChanDirectTCPIP = "direct-tcpip"
	// ChanSession is a SSH session channel
	ChanSession = "session"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type RotationGetter

type RotationGetter func(role teleport.Role) (*services.Rotation, error)

RotationGetter returns rotation state

type Server

type Server struct {
	sync.Mutex

	*logrus.Entry
	// contains filtered or unexported fields
}

Server implements SSH server that uses configuration backend and certificate-based authentication

func New

func New(addr utils.NetAddr,
	hostname string,
	signers []ssh.Signer,
	authService auth.AccessPoint,
	dataDir string,
	advertiseIP string,
	proxyPublicAddr utils.NetAddr,
	options ...ServerOption) (*Server, error)

New returns an unstarted server

func (*Server) Addr

func (s *Server) Addr() string

Addr returns server address

func (*Server) AdvertiseAddr

func (s *Server) AdvertiseAddr() string

AdvertiseAddr returns an address this server should be publicly accessible as, in "ip:host" form

func (*Server) Close

func (s *Server) Close() error

Close closes listening socket and stops accepting connections

func (*Server) Component

func (s *Server) Component() string

func (*Server) EmitAuditEvent

func (s *Server) EmitAuditEvent(event events.Event, fields events.EventFields)

EmitAuditEvent logs a given event to the audit log attached to the server who owns these sessions

func (*Server) GetAccessPoint

func (s *Server) GetAccessPoint() auth.AccessPoint

func (*Server) GetAuditLog

func (s *Server) GetAuditLog() events.IAuditLog

func (*Server) GetBPF

func (s *Server) GetBPF() bpf.BPF

GetBPF returns the BPF service used by enhanced session recording.

func (*Server) GetClock

func (s *Server) GetClock() clockwork.Clock

GetClock returns server clock implementation

func (*Server) GetDataDir

func (s *Server) GetDataDir() string

GetDataDir returns server data dir

func (*Server) GetInfo

func (s *Server) GetInfo() services.Server

GetInfo returns a services.Server that represents this server.

func (*Server) GetNamespace

func (s *Server) GetNamespace() string

func (*Server) GetPAM

func (s *Server) GetPAM() (*pam.Config, error)

GetPAM returns the PAM configuration for this server.

func (*Server) GetSessionServer

func (s *Server) GetSessionServer() rsession.Service

func (*Server) HandleConnection

func (s *Server) HandleConnection(conn net.Conn)

HandleConnection is called after a connection has been accepted and starts to perform the SSH handshake immediately.

func (*Server) HandleNewChan

func (s *Server) HandleNewChan(wconn net.Conn, sconn *ssh.ServerConn, nch ssh.NewChannel)

HandleNewChan is called when new channel is opened

func (*Server) HandleRequest

func (s *Server) HandleRequest(r *ssh.Request)

HandleRequest processes global out-of-band requests. Global out-of-band requests are processed in order (this way the originator knows which request we are responding to). If Teleport does not support the request type or an error occurs while processing that request Teleport will reply req.Reply(false, nil).

For more details: https://tools.ietf.org/html/rfc4254.html#page-4

func (*Server) HostUUID

func (s *Server) HostUUID() string

HostUUID is the ID of the server. This value is the same as ID, it is different from the forwarding server.

func (*Server) ID

func (s *Server) ID() string

ID returns server ID

func (*Server) PermitUserEnvironment

func (s *Server) PermitUserEnvironment() bool

PermitUserEnvironment returns if ~/.tsh/environment will be read before a session is created by this server.

func (*Server) Serve

func (s *Server) Serve(l net.Listener) error

Serve servers service on started listener

func (*Server) Shutdown

func (s *Server) Shutdown(ctx context.Context) error

Shutdown performs graceful shutdown

func (*Server) Start

func (s *Server) Start() error

Start starts server

func (*Server) UseTunnel

func (s *Server) UseTunnel() bool

UseTunnel used to determine if this node has connected to this cluster using reverse tunnel.

func (*Server) Wait

func (s *Server) Wait()

Wait waits until server stops

type ServerOption

type ServerOption func(s *Server) error

ServerOption is a functional option passed to the server

func SetAuditLog

func SetAuditLog(alog events.IAuditLog) ServerOption

SetAuditLog assigns an audit log interfaces to this server

func SetBPF

func SetBPF(ebpf bpf.BPF) ServerOption

func SetCiphers

func SetCiphers(ciphers []string) ServerOption

func SetFIPS

func SetFIPS(fips bool) ServerOption

func SetKEXAlgorithms

func SetKEXAlgorithms(kexAlgorithms []string) ServerOption

func SetLabels

func SetLabels(labels map[string]string,
	cmdLabels services.CommandLabels) ServerOption

SetLabels sets dynamic and static labels that server will report to the auth servers

func SetLimiter

func SetLimiter(limiter *limiter.Limiter) ServerOption

SetLimiter sets rate and connection limiter for this server

func SetMACAlgorithms

func SetMACAlgorithms(macAlgorithms []string) ServerOption

func SetNamespace

func SetNamespace(namespace string) ServerOption

func SetPAMConfig

func SetPAMConfig(pamConfig *pam.Config) ServerOption

func SetPermitUserEnvironment

func SetPermitUserEnvironment(permitUserEnvironment bool) ServerOption

SetPermitUserEnvironment allows you to set the value of permitUserEnvironment.

func SetProxyMode

func SetProxyMode(tsrv reversetunnel.Server) ServerOption

SetProxyMode starts this server in SSH proxying mode

func SetRotationGetter

func SetRotationGetter(getter RotationGetter) ServerOption

SetRotationGetter sets rotation state getter

func SetSessionServer

func SetSessionServer(sessionServer rsession.Service) ServerOption

SetSessionServer represents realtime session registry server

func SetShell

func SetShell(shell string) ServerOption

SetShell sets default shell that will be executed for interactive sessions

func SetUUID

func SetUUID(uuid string) ServerOption

SetUUID sets server unique ID

func SetUseTunnel

func SetUseTunnel(useTunnel bool) ServerOption

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL