gosshacl

package

v0.0.0-...-785270f Latest Latest Go to latest Published: Sep 30, 2021 License: CC0-1.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aurora-is-near/sshaclsrv

Links

Open Source Insights

Documentation ¶

Overview ¶

Package gosshacl implements file based access control for SSH (authorizedkeyscommand).

File format:

<hostname>:<user>:<sha256_of_key>:<valid from>:<valid to>:[<authorized key entry>]

Index ¶

Variables
func FindEntry(r io.Reader, w io.Writer, hostname, user, key string) error
func FindEntryFromFile(filename string, w io.Writer, hostname, user, key string) error
type AuthorizedFile
- func New(filename string) (*AuthorizedFile, error)
- func (kf *AuthorizedFile) Close()
- func (kf *AuthorizedFile) FindEntry(w io.Writer, hostname, user, key string) error
type RemoteACL
- func NewRemote(url string, publicKey ed25519.PublicKey, token, hostname string) *RemoteACL
- func (remote *RemoteACL) Fetch(w io.Writer) error
- func (remote *RemoteACL) FindEntry(w io.Writer, username, fingerprint string) error

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrFallback is returned if processing should continue with a different backend.
	ErrFallback = errors.New("fallback")
)

View Source

var (
	// ErrNotFound is returned if no matching entry could be found.
	ErrNotFound = errors.New("not found")
)

Functions ¶

func FindEntry ¶

func FindEntry(r io.Reader, w io.Writer, hostname, user, key string) error

FindEntry searches r for matching keys and writes them to w.

func FindEntryFromFile ¶

func FindEntryFromFile(filename string, w io.Writer, hostname, user, key string) error

FindEntryFromFile searches a file for matching keys and writes them to w.

Types ¶

type AuthorizedFile ¶

type AuthorizedFile os.File

AuthorizedFile is a file containing authorization information.

func New ¶

func New(filename string) (*AuthorizedFile, error)

New opens a file or its rollover.

func (*AuthorizedFile) Close ¶

func (kf *AuthorizedFile) Close()

Close the file.

func (*AuthorizedFile) FindEntry ¶

func (kf *AuthorizedFile) FindEntry(w io.Writer, hostname, user, key string) error

FindEntry finds valid entries in the file that match user and key (its sha256 fingerprint). It returns the authorized-keys entries that match.

type RemoteACL ¶

type RemoteACL struct {
	URL       string            // https://<url>/keyFP/hostname/user/
	PublicKey ed25519.PublicKey // Master Publickey.
	Token     string            // http-basic auth password, hostname is user.
	Hostname  string            // Server's hostname.
}

RemoteACL calls a remote HTTP(s) server to find keys.

func NewRemote ¶

func NewRemote(url string, publicKey ed25519.PublicKey, token, hostname string) *RemoteACL

NewRemote returns a new RemoteACL that uses the given url. If token is not empty it will be used as username in BasicAuth (password default). The public key will be used to verify the entry signatures.

func (*RemoteACL) Fetch ¶

func (remote *RemoteACL) Fetch(w io.Writer) error

Fetch calls the remote backend to find keys for the host and writes them to w.

func (*RemoteACL) FindEntry ¶

func (remote *RemoteACL) FindEntry(w io.Writer, username, fingerprint string) error

FindEntry calls the remote backend to find matching keys and writes them to w.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL