sshutils

package
v2.0.0-alpha.0+incompa... Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 19, 2017 License: Apache-2.0 Imports: 17 Imported by: 14

Documentation

Overview

Copyright 2015 Gravitational, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Copyright 2015 Gravitational, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

View Source
const (
	SessionEnvVar   = "TELEPORT_SESSION"
	SetEnvReq       = "env"
	WindowChangeReq = "window-change"
	PTYReq          = "pty-req"
)
View Source
const (
	// SSHVersionPrefix is the prefix of "server version" string which begins
	// every SSH handshake. It MUST start with "SSH-2.0" according to
	// https://tools.ietf.org/html/rfc4253#page-4
	SSHVersionPrefix = "SSH-2.0-Teleport"

	// ProxyHelloSignature is a string which Teleport proxy will send
	// right after the initial SSH "handshake/version" message if it detects
	// talking to a Teleport server.
	ProxyHelloSignature = "Teleport-Proxy"

	// MaxVersionStringBytes is the maximum number of bytes allowed for a
	// SSH version string
	// https://tools.ietf.org/html/rfc4253
	MaxVersionStringBytes = 255
)

Variables

This section is empty.

Functions

func AuthorizedKeyFingerprint added in v1.0.0

func AuthorizedKeyFingerprint(publicKey []byte) (string, error)

AuthorizedKeyFingerprint returns fingerprint from public key in authorized key format

func CloseAll

func CloseAll(closers ...io.Closer) error

func Fingerprint added in v1.0.0

func Fingerprint(key ssh.PublicKey) string

Fingerprint returns SSH RFC4716 fingerprint of the key

func KeysEqual

func KeysEqual(ak, bk ssh.PublicKey) bool

KeysEqual is constant time compare of the keys to avoid timing attacks

func NewSigner

func NewSigner(keyBytes, certBytes []byte) (ssh.Signer, error)

NewSigner returns new ssh Signer using OpenSSH certificates to authenticate itself

func PrivateKeyFingerprint added in v1.0.0

func PrivateKeyFingerprint(keyBytes []byte) (string, error)

PrivateKeyFingerprint returns fingerprint of the public key extracted from the PEM encoded private key

Types

type AuthMethods

type AuthMethods struct {
	PublicKey PublicKeyFunc
	Password  PasswordFunc
	NoClient  bool
}

type DirectTCPIPReq

type DirectTCPIPReq struct {
	Host string
	Port uint32

	Orig     string
	OrigPort uint32
}

func ParseDirectTCPIPReq

func ParseDirectTCPIPReq(data []byte) (*DirectTCPIPReq, error)

type EnvReqParams

type EnvReqParams struct {
	Name  string
	Value string
}

type HandshakePayload

type HandshakePayload struct {
	// ClientAddr is the IP address of the remote client
	ClientAddr string `json:"clientAddr,omitempty"`
}

HandshakePayload structure is sent as a JSON blob by the teleport proxy to every SSH server who identifies itself as Teleport server

It allows teleport proxies to communicate additional data to server

type NewChanHandler

type NewChanHandler interface {
	HandleNewChan(net.Conn, *ssh.ServerConn, ssh.NewChannel)
}

type NewChanHandlerFunc

type NewChanHandlerFunc func(net.Conn, *ssh.ServerConn, ssh.NewChannel)

func (NewChanHandlerFunc) HandleNewChan

func (f NewChanHandlerFunc) HandleNewChan(conn net.Conn, sshConn *ssh.ServerConn, ch ssh.NewChannel)

type PTYReqParams

type PTYReqParams struct {
	Env   string
	W     uint32
	H     uint32
	Wpx   uint32
	Hpx   uint32
	Modes string
}

type PasswordFunc

type PasswordFunc func(conn ssh.ConnMetadata, password []byte) (*ssh.Permissions, error)

type PublicKeyFunc

type PublicKeyFunc func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error)

type RequestHandler

type RequestHandler interface {
	HandleRequest(r *ssh.Request)
}

type RequestHandlerFunc

type RequestHandlerFunc func(*ssh.Request)

func (RequestHandlerFunc) HandleRequest

func (f RequestHandlerFunc) HandleRequest(r *ssh.Request)

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server is a generic implementation of an SSH server. All Teleport services (auth, proxy, ssh) use this as a base to accept SSH connections.

func NewServer

func NewServer(
	component string,
	a utils.NetAddr,
	h NewChanHandler,
	hostSigners []ssh.Signer,
	ah AuthMethods,
	opts ...ServerOption) (*Server, error)

func (*Server) Addr

func (s *Server) Addr() string

func (*Server) Close

func (s *Server) Close() error

Close closes listening socket and stops accepting connections

func (*Server) Start

func (s *Server) Start() error

func (*Server) Wait

func (s *Server) Wait()

type ServerOption

type ServerOption func(cfg *Server) error

ServerOption is a functional argument for server

func SetLimiter added in v1.0.0

func SetLimiter(limiter *limiter.Limiter) ServerOption

func SetRequestHandler

func SetRequestHandler(req RequestHandler) ServerOption

func SetSSHConfig

func SetSSHConfig(cfg ssh.ServerConfig) ServerOption

type Upstream

type Upstream struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Upstream is a wrapper around SSH client connection that provides some handy functions to work with interactive shells and launching commands

func DialUpstream

func DialUpstream(username, addr string, signers []ssh.Signer) (*Upstream, error)

DialUpstream dials remote server and returns upstream

func NewUpstream

func NewUpstream(clt *ssh.Client) (*Upstream, error)

NewUpstream returns new upstream connection to the server

func (*Upstream) Close

func (u *Upstream) Close() error

Close closes session and client connection

func (*Upstream) CommandRW

func (u *Upstream) CommandRW(command string) (io.ReadWriter, error)

CommandRW executes a command and returns read writer to communicate with the process using it's stdin and stdout

func (*Upstream) GetClient added in v1.0.0

func (u *Upstream) GetClient() *ssh.Client

GetClient returns current active ssh client

func (*Upstream) GetSession

func (u *Upstream) GetSession() *ssh.Session

GetSession returns current active sesson

func (*Upstream) PipeCommand

func (u *Upstream) PipeCommand(ch io.ReadWriter, command string) (int, error)

PipeCommand pipes input and output to the read writer, returns result code of the command execution

func (*Upstream) PipeShell

func (u *Upstream) PipeShell(rw io.ReadWriter, req *PTYReqParams) error

PipeShell starts interactive shell and pipes stdin, stdout and stderr to the given read writer

func (*Upstream) SetPrefix added in v1.0.0

func (u *Upstream) SetPrefix(data []byte)

func (*Upstream) String

func (u *Upstream) String() string

String returns debug-friendly information about this upstream

func (*Upstream) Wait

func (u *Upstream) Wait() error

Wait waits for the session to complete

type WinChangeReqParams

type WinChangeReqParams struct {
	W     uint32
	H     uint32
	Wpx   uint32
	Hpx   uint32
	Modes string
}

Directories

Path Synopsis
Package scp handles file uploads and downloads via scp command
Package scp handles file uploads and downloads via scp command

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL