Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var AllOptions = map[string]map[string]bool{ "AddKeysToAgent": {"yes": true}, "AddressFamily": {}, "BatchMode": {}, "BindAddress": {}, "CanonicalDomains": {}, "CanonicalizeFallbackLocal": {}, "CanonicalizeHostname": {}, "CanonicalizeMaxDots": {}, "CanonicalizePermittedCNAMEs": {}, "CertificateFile": {}, "ChallengeResponseAuthentication": {}, "CheckHostIP": {}, "Cipher": {}, "Ciphers": {}, "ClearAllForwardings": {}, "Compression": {}, "CompressionLevel": {}, "ConnectionAttempts": {}, "ConnectTimeout": {}, "ControlMaster": {}, "ControlPath": {}, "ControlPersist": {}, "DynamicForward": {}, "EscapeChar": {}, "ExitOnForwardFailure": {}, "FingerprintHash": {}, "ForwardAgent": {"yes": true, "no": true}, "ForwardX11": {}, "ForwardX11Timeout": {}, "ForwardX11Trusted": {}, "GatewayPorts": {}, "GlobalKnownHostsFile": {}, "GSSAPIAuthentication": {}, "GSSAPIDelegateCredentials": {}, "HashKnownHosts": {}, "Host": {}, "HostbasedAuthentication": {}, "HostbasedKeyTypes": {}, "HostKeyAlgorithms": {}, "HostKeyAlias": {}, "HostName": {}, "IdentityFile": {}, "IdentitiesOnly": {}, "IPQoS": {}, "KbdInteractiveAuthentication": {}, "KbdInteractiveDevices": {}, "KexAlgorithms": {}, "LocalCommand": {}, "LocalForward": {}, "LogLevel": {}, "MACs": {}, "Match": {}, "NoHostAuthenticationForLocalhost": {}, "NumberOfPasswordPrompts": {}, "PasswordAuthentication": {}, "PermitLocalCommand": {}, "PKCS11Provider": {}, "Port": {}, "PreferredAuthentications": {}, "Protocol": {}, "ProxyCommand": {}, "ProxyUseFdpass": {}, "PubkeyAcceptedKeyTypes": {}, "PubkeyAuthentication": {}, "RekeyLimit": {}, "RemoteForward": {}, "RequestTTY": {"yes": true, "no": true}, "RhostsRSAAuthentication": {}, "RSAAuthentication": {}, "SendEnv": {}, "ServerAliveInterval": {}, "ServerAliveCountMax": {}, "StreamLocalBindMask": {}, "StreamLocalBindUnlink": {}, "StrictHostKeyChecking": {"yes": true, "no": true}, "TCPKeepAlive": {}, "Tunnel": {}, "TunnelDevice": {}, "UpdateHostKeys": {}, "UsePrivilegedPort": {}, "User": {}, "UserKnownHostsFile": {}, "VerifyHostKeyDNS": {}, "VisualHostKey": {}, "XAuthLocation": {}, }
AllOptions is a listing of all known OpenSSH options.
Functions ¶
This section is empty.
Types ¶
type CLIConf ¶
type CLIConf struct { // UserHost contains "[login]@hostname" argument to SSH command UserHost string // Commands to execute on a remote host RemoteCommand []string // DesiredRoles indicates one or more roles which should be requested. DesiredRoles string // RequestReason indicates the reason for an access request. RequestReason string // SuggestedReviewers is a list of suggested request reviewers. SuggestedReviewers string // NoWait can be used with an access request to exit without waiting for a request resolution. NoWait bool // RequestedResourceIDs is a list of resources to request access to. RequestedResourceIDs []string // RequestID is an access request ID RequestID string // RequestIDs is a list of access request IDs RequestIDs []string // ReviewReason indicates the reason for an access review. ReviewReason string // ReviewableRequests indicates that only requests which can be reviewed should // be listed. ReviewableRequests bool // SuggestedRequests indicates that only requests which suggest the current user // as a reviewer should be listed. SuggestedRequests bool // MyRequests indicates that only requests created by the current user // should be listed. MyRequests bool // Approve/Deny indicates the desired review kind. Approve, Deny bool // ResourceKind is the resource kind to search for ResourceKind string // Username is the Teleport user's username (to login into proxies) Username string // ExplicitUsername is true if Username was initially set by the end-user // (for example, using command-line flags). ExplicitUsername bool // Proxy keeps the hostname:port of the SSH proxy to use Proxy string // TTL defines how long a session must be active (in minutes) MinsToLive int32 // SSH Port on a remote SSH host NodePort int32 // Login on a remote SSH host NodeLogin string // InsecureSkipVerify bypasses verification of HTTPS certificate when talking to web proxy InsecureSkipVerify bool // SessionID identifies the session tsh is operating on. // For `tsh join`, it is the ID of the session to join. // For `tsh play`, it is either the ID of the session to play, // or the path to a local session file which has already been // downloaded. SessionID string // Src:dest parameter for SCP CopySpec []string // -r flag for scp RecursiveCopy bool // -L flag for ssh. Local port forwarding like 'ssh -L 80:remote.host:80 -L 443:remote.host:443' LocalForwardPorts []string // DynamicForwardedPorts is port forwarding using SOCKS5. It is similar to // "ssh -D 8080 example.com". DynamicForwardedPorts []string // ForwardAgent agent to target node. Equivalent of -A for OpenSSH. ForwardAgent bool // ProxyJump is an optional -J flag pointing to the list of jumphosts, // it is an equivalent of --proxy flag in tsh interpretation ProxyJump string // --local flag for ssh LocalExec bool // SiteName specifies remote site go login to SiteName string // KubernetesCluster specifies the kubernetes cluster to login to. KubernetesCluster string // DaemonAddr is the daemon listening address. DaemonAddr string // DaemonCertsDir is the directory containing certs used to create secure gRPC connection with daemon service DaemonCertsDir string // DatabaseService specifies the database proxy server to log into. DatabaseService string // DatabaseUser specifies database user to embed in the certificate. DatabaseUser string // DatabaseName specifies database name to embed in the certificate. DatabaseName string // AppName specifies proxied application name. AppName string // Interactive, when set to true, launches remote command with the terminal attached Interactive bool // Quiet mode, -q command (disables progress printing) Quiet bool // Namespace is used to select cluster namespace Namespace string // NoCache is used to turn off client cache for nodes discovery NoCache bool // BenchDuration is a duration for the benchmark BenchDuration time.Duration // BenchRate is a requests per second rate to maintain BenchRate int // BenchInteractive indicates that we should create interactive session BenchInteractive bool // BenchExport exports the latency profile BenchExport bool // BenchExportPath saves the latency profile in provided path BenchExportPath string // BenchTicks ticks per half distance BenchTicks int32 // BenchValueScale value at which to scale the values recorded BenchValueScale float64 // Context is a context to control execution Context context.Context // IdentityFileIn is an argument to -i flag (path to the private key+cert file) IdentityFileIn string // Compatibility flags, --compat, specifies OpenSSH compatibility flags. Compatibility string // CertificateFormat defines the format of the user SSH certificate. CertificateFormat string // IdentityFileOut is an argument to -out flag IdentityFileOut string // IdentityFormat (used for --format flag for 'tsh login') defines which // format to use with --out to store a freshly retrieved certificate IdentityFormat identityfile.Format // IdentityOverwrite when true will overwrite any existing identity file at // IdentityFileOut. When false, user will be prompted before overwriting // any files. IdentityOverwrite bool // BindAddr is an address in the form of host:port to bind to // during `tsh login` command BindAddr string // AuthConnector is the name of the connector to use. AuthConnector string // MFAMode is the preferred mode for MFA/Passwordless assertions. MFAMode string // SkipVersionCheck skips version checking for client and server SkipVersionCheck bool // Options is a list of OpenSSH options in the format used in the // configuration file. Options []string // Verbose is used to print extra output. Verbose bool // Format is used to change the format of output Format string // SearchKeywords is a list of search keywords to match against resource field values. SearchKeywords string // PredicateExpression defines boolean conditions that will be matched against the resource. PredicateExpression string // NoRemoteExec will not execute a remote command after connecting to a host, // will block instead. Useful when port forwarding. Equivalent of -N for OpenSSH. NoRemoteExec bool // X11ForwardingUntrusted will set up untrusted X11 forwarding for the session ('ssh -X') X11ForwardingUntrusted bool // X11Forwarding will set up trusted X11 forwarding for the session ('ssh -Y') X11ForwardingTrusted bool // X11ForwardingTimeout can optionally set to set a timeout for untrusted X11 forwarding. X11ForwardingTimeout time.Duration // Debug sends debug logs to stdout. Debug bool // Browser can be used to pass the name of a browser to override the system default // (not currently implemented), or set to 'none' to suppress browser opening entirely. Browser string // UseLocalSSHAgent set to false will prevent this client from attempting to // connect to the local ssh-agent (or similar) socket at $SSH_AUTH_SOCK. // // Deprecated in favor of `AddKeysToAgent`. UseLocalSSHAgent bool // AddKeysToAgent specifies the behavior of how certs are handled. AddKeysToAgent string // EnableEscapeSequences will scan stdin for SSH escape sequences during // command/shell execution. This also requires stdin to be an interactive // terminal. EnableEscapeSequences bool // PreserveAttrs preserves access/modification times from the original file. PreserveAttrs bool // HomePath is where tsh stores profiles HomePath string // GlobalTshConfigPath is a path to global TSH config. Can be overridden with TELEPORT_GLOBAL_TSH_CONFIG. GlobalTshConfigPath string // LocalProxyPort is a port used by local proxy listener. LocalProxyPort string // LocalProxyCertFile is the client certificate used by local proxy. LocalProxyCertFile string // LocalProxyKeyFile is the client key used by local proxy. LocalProxyKeyFile string // LocalProxyTunnel specifies whether local proxy will open auth'd tunnel. LocalProxyTunnel bool // AWSRole is Amazon Role ARN or role name that will be used for AWS CLI access. AWSRole string // AWSCommandArgs contains arguments that will be forwarded to AWS CLI binary. AWSCommandArgs []string // AWSEndpointURLMode is an AWS proxy mode that serves an AWS endpoint URL // proxy instead of an HTTPS proxy. AWSEndpointURLMode bool // Reason is the reason for starting an ssh or kube session. Reason string // Invited is a list of invited users to an ssh or kube session. Invited []string // JoinMode is the participant mode someone is joining a session as. JoinMode string // ListAll specifies if an ls command should return results from all clusters and proxies. ListAll bool // SampleTraces indicates whether traces should be sampled. SampleTraces bool // TracingProvider is the provider to use to create tracers, from which spans can be created. TracingProvider oteltrace.TracerProvider // FromUTC is the start time to use for the range of sessions listed by the session recordings listing command FromUTC string // ToUTC is the start time to use for the range of sessions listed by the session recordings listing command ToUTC string // contains filtered or unexported fields }
CLIConf stores command line arguments and flags:
type Options ¶
type Options struct { // AddKeysToAgent specifies whether keys should be automatically added to a // running SSH agent. Supported options values are "yes". AddKeysToAgent bool // ForwardAgent specifies whether the connection to the authentication // agent will be forwarded to the remote machine. Supported option values // are "yes" and "no". ForwardAgent bool // RequestTTY specifies whether to request a pseudo-tty for the session. // Supported option values are "yes" and "no". RequestTTY bool // StrictHostKeyChecking is used control if tsh will automatically add host // keys to the ~/.tsh/known_hosts file. Supported option values are "yes" // and "no". StrictHostKeyChecking bool }
Options holds parsed values of OpenSSH options.
type Teleport ¶
type Teleport struct {
Config CLIConf
}
func NewTeleport ¶
func NewTeleport() *Teleport
func (*Teleport) ConnectToNode ¶
func (*Teleport) DescribeStatus ¶
func (*Teleport) SelectNode ¶
SelectNode select node
Click to show internal directories.
Click to hide internal directories.