sshd

package
v2.0.0-beta1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 16, 2016 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package sshd implements an SSH server.

See https://tools.ietf.org/html/rfc4254

This was copied over (and effectively forked from) cookoo-ssh. Mainly this differs from the cookoo-ssh version in that this does not act like a stand-alone SSH server.

Index

Constants

View Source
const (
	// HostKeys is the context key for Host Keys list.
	HostKeys string = "ssh.HostKeys"
	// Address is the context key for SSH address.
	Address string = "ssh.Address"
	// ServerConfig is the context key for ServerConfig object.
	ServerConfig string = "ssh.ServerConfig"
)

Variables

This section is empty.

Functions

func AuthKey

func AuthKey(c cookoo.Context, p *cookoo.Params) (interface{}, cookoo.Interrupt)

AuthKey authenticates based on a public key.

Params:

  • metadata (ssh.ConnMetadata)
  • key (ssh.PublicKey)

Returns:

*ssh.Permissions

func Configure

func Configure(c cookoo.Context, p *cookoo.Params) (interface{}, cookoo.Interrupt)

Configure creates a new SSH configuration object.

Config sets a PublicKeyCallback handler that forwards public key auth requests to the route named "pubkeyAuth".

This assumes certain details about our environment, like the location of the host keys. It also provides only key-based authentication. ConfigureServerSshConfig

Returns:

An *ssh.ServerConfig

func GenSSHKeys

func GenSSHKeys(c cookoo.Context, p *cookoo.Params) (interface{}, cookoo.Interrupt)

GenSSHKeys generates the default set of SSH host keys.

func ParseHostKeys

func ParseHostKeys(c cookoo.Context, p *cookoo.Params) (interface{}, cookoo.Interrupt)

ParseHostKeys parses the host key files.

By default it looks in /etc/ssh for host keys of the patterh ssh_host_{{TYPE}}_key.

Params:

  • keytypes ([]string): Key types to parse. Defaults to []string{rsa, dsa, ecdsa}
  • enableV1 (bool): Allow V1 keys. By default this is disabled.
  • path (string): Override the lookup pattern. If %s, it will be replaced with the keytype.

Returns:

[]ssh.Signer

func Ping

func Ping(c cookoo.Context, p *cookoo.Params) (interface{}, cookoo.Interrupt)

Ping handles a simple test SSH exec.

Returns the string PONG and exit status 0.

Params:

  • channel (ssh.Channel): The channel to respond on.
  • request (*ssh.Request): The request.

func Serve

func Serve(
	reg *cookoo.Registry,
	router *cookoo.Router,
	serverCircuit *Circuit,
	gitHomeDir string,
	concurrentPushLock RepositoryLock,
	c cookoo.Context) cookoo.Interrupt

Serve starts a native SSH server.

The general design of the server is that it acts as a main server for a Cookoo app. It assumes that certain things have been configured for it, like an ssh.ServerConfig. Once it runs, it will block until the main process terminates. If you want to stop it prior to that, you can grab the closer ("sshd.Closer") out of the context and send it a signal.

Currently, the service is not generic. It only runs git hooks.

This expects the following Context variables.

  • ssh.Hostkeys ([]ssh.Signer): Host key, as an unparsed byte slice.
  • ssh.Address (string): Address/port
  • ssh.ServerConfig (*ssh.ServerConfig): The server config to use.

This puts the following variables into the context:

  • ssh.Closer (chan interface{}): Send a message to this to shutdown the server.

Types

type Circuit

type Circuit struct {
	// contains filtered or unexported fields
}

Circuit is a concurrency-safe data structure that can take one of two states at any point in time:

- OpenState - non functional - ClosedState - functional

The circuit is intended as a point-in-time indicator of functionality. It has no backoff mechanism, jitter or ramp-up/ramp-down functionality.

func NewCircuit

func NewCircuit() *Circuit

NewCircuit creates a new circuit, in the open (non-functional) state.

func (*Circuit) Close

func (c *Circuit) Close() bool

Close closes the circuit if it wasn't already closed. Returns true if it had to be closed, false if it was already closed.

func (*Circuit) Open

func (c *Circuit) Open() bool

Open opens the circuit if it wasn't already closed. Returns true if it had to be opened, false if it was already open.

func (*Circuit) State

func (c *Circuit) State() CircuitState

State returns the current state of the circuit. Note that concurrent modifications may be happening, so the state may be different than what's returned.

type CircuitState

type CircuitState uint32

CircuitState represents the state of a Circuit.

const (
	// OpenState indicates that the circuit is in the open state, and thus non-functional.
	OpenState CircuitState = 0
	// ClosedState indicates that the circuit is in the closed state, and thus functional.
	ClosedState CircuitState = 1
)

func (CircuitState) String

func (c CircuitState) String() string

String is the fmt.Stringer interface implementation.

type Config

type Config struct {
	SSHHostIP                   string `envconfig:"SSH_HOST_IP" default:"0.0.0.0" required:"true"`
	SSHHostPort                 int    `envconfig:"SSH_HOST_PORT" default:"2223" required:"true"`
	HealthSrvPort               int    `envconfig:"HEALTH_SERVER_PORT" default:"8092"`
	HealthSrvTestStorageRegion  string `envconfig:"STORAGE_REGION" default:"us-east-1"`
	CleanerPollSleepDurationSec int    `envconfig:"CLEANER_POLL_SLEEP_DURATION_SEC" default:"1"`
}

Config represents the required SSH server configuration.

func (Config) CleanerPollSleepDuration

func (c Config) CleanerPollSleepDuration() time.Duration

CleanerPollSleepDuration returns c.CleanerPollSleepDurationSec as a time.Duration.

type EnvVar

type EnvVar struct {
	Name  string
	Value string
}

EnvVar is an SSH env request.

type ExecCmd

type ExecCmd struct {
	Value string
}

ExecCmd is an SSH exec request.

type GenericMessage

type GenericMessage struct {
	Value string
}

GenericMessage describes a simple string message, which is common in SSH.

type RepositoryLock

type RepositoryLock interface {
	// Lock acquires a lock for a repository. In the case the repository is already locked
	// it waits until a timeout to get the lock. If it was not possible to get the
	// lock after the timeout an error is returned.
	Lock(repoName string, timeout time.Duration) error
	// Unlock releases the lock for a repository or returns an error if the specified
	// name doesn't exist. In the case the repository is already locked it waits until
	// a timeout to get the lock. If it was not possible to get the lock after the timeout
	// an error is returned.
	Unlock(repoName string, timeout time.Duration) error
}

RepositoryLock interface that allows the creation of a lock associated with a repository name to avoid simultaneous git operations.

func NewInMemoryRepositoryLock

func NewInMemoryRepositoryLock() RepositoryLock

NewInMemoryRepositoryLock returns a new instance of a RepositoryLock.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL