security

package module
v0.9.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 29, 2020 License: MIT Imports: 4 Imported by: 4

README

ContainerSSH - Launch Containers on Demand

ContainerSSH Security Library

Go Report Card LGTM Alerts

This library provides a security overlay for the sshserver library.

Note: This is a developer documentation.
The user documentation for ContainerSSH is located at containerssh.io.

Using this library

This library is intended as a tie-in to an existing module and does not implement a full SSH backend. Instead, you can use the New() function to create a network connection handler with an appropriate backend:

security, err := security.New(
    config,
    backend
)

The backend should implement the sshserver.NetworkConnectionHandler interface from the sshserver library. For the details of the configuration structure please see config.go.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New 

func New(
	config Config,
	backend sshserver.NetworkConnectionHandler,
) (sshserver.NetworkConnectionHandler, error)

Types

type CommandConfig 

type CommandConfig struct {
	// Mode configures how to treat command execution (exec) requests by SSH clients.
	Mode ExecutionPolicy `json:"mode" yaml:"mode" default:""`
	// Allow takes effect when Mode is ExecutionPolicyFilter and only allows the specified commands to be
	// executed. Note that the match an exact match is performed to avoid shell injections, etc.
	Allow []string
}

CommandConfig controls command executions via SSH (exec requests).

func (CommandConfig) Validate 

func (c CommandConfig) Validate() error

Validate validates a shell configuration

type Config 

type Config struct {
	// DefaultMode sets the default execution policy for all other commands. It is recommended to set this to "disable"
	// if for restricted setups to avoid accidentally allowing new features coming in with version upgrades.
	DefaultMode ExecutionPolicy `json:"defaultMode" yaml:"defaultMode"`

	// ForceCommand behaves similar to the OpenSSH ForceCommand option. When set this command overrides any command
	// requested by the client and executes this command instead. The original command supplied by the client will be
	// set in the `SSH_ORIGINAL_COMMAND` environment variable.
	//
	// Setting ForceCommand changes subsystem requests into exec requests for the backends.
	ForceCommand string `json:"forceCommand" yaml:"forceCommand"`

	// Env controls whether to allow or block setting environment variables.
	Env EnvConfig `json:"env" yaml:"env"`
	// Command controls whether to allow or block command ("exec") requests via SSh.
	Command CommandConfig `json:"command" yaml:"command"`
	// Shell controls whether to allow or block shell requests via SSh.
	Shell ShellConfig `json:"shell" yaml:"shell"`
	// Subsystem controls whether to allow or block subsystem requests via SSH.
	Subsystem SubsystemConfig `json:"subsystem" yaml:"subsystem"`

	// TTY controls how to treat TTY/PTY requests by clients.
	TTY TTYConfig `json:"tty" yaml:"tty"`

	// Signal configures how to handle signal requests to running programs.
	Signal SignalConfig `json:"signal" yaml:"signal"`

	// MaxSessions drives how many session channels can be open at the same time for a single network connection.
	MaxSessions uint `json:"maxSessions" yaml:"maxSessions"`
}

func (Config) Validate 

func (c Config) Validate() error

Validate validates a shell configuration

type EnvConfig 

type EnvConfig struct {
	// Mode configures how to treat environment variable requests by SSH clients.
	Mode ExecutionPolicy `json:"mode" yaml:"mode" default:""`
	// Allow takes effect when Mode is ExecutionPolicyFilter and only allows the specified environment variables to be
	// set.
	Allow []string
	// Allow takes effect when Mode is not ExecutionPolicyDisable and disallows the specified environment variables to
	// be set.
	Deny []string
}

EnvConfig configures setting environment variables.

func (EnvConfig) Validate 

func (e EnvConfig) Validate() error

Validate validates a shell configuration

type ErrTooManySessions 

type ErrTooManySessions struct {
}

ErrTooManySessions indicates that too many sessions were opened in the same connection.

func (*ErrTooManySessions) Error 

func (e *ErrTooManySessions) Error() string

Error contains the error for the logs.

func (*ErrTooManySessions) Message 

func (e *ErrTooManySessions) Message() string

Message contains a message intended for the user.

func (*ErrTooManySessions) Reason 

func (e *ErrTooManySessions) Reason() ssh.RejectionReason

Reason contains the rejection code.

type ExecutionPolicy 

type ExecutionPolicy string

ExecutionPolicy drives how to treat a certain request. 

const (
	// ExecutionPolicyUnconfigured falls back to the default mode. If unconfigured on a global level the default is to
	// "allow".
	ExecutionPolicyUnconfigured ExecutionPolicy = ""

	// ExecutionPolicyEnable allows the execution of the specified method unless the specified option matches the
	// "deny" list.
	ExecutionPolicyEnable ExecutionPolicy = "enable"

	// ExecutionPolicyFilter filters the execution against a specified allow list. If the allow list is empty or not
	// supported this ootion behaves like "disable".
	ExecutionPolicyFilter ExecutionPolicy = "filter"

	// ExecutionPolicyDisable disables the specified method and does not take the allow or deny lists into account.
	ExecutionPolicyDisable ExecutionPolicy = "disable"
)

func (ExecutionPolicy) Validate 

func (e ExecutionPolicy) Validate() error

Validate validates the execution policy.

type ShellConfig 

type ShellConfig struct {
	// Mode configures how to treat shell requests by SSH clients.
	Mode ExecutionPolicy `json:"mode" yaml:"mode" default:""`
}

ShellConfig controls shell executions via SSH.

func (ShellConfig) Validate 

func (s ShellConfig) Validate() error

Validate validates a shell configuration

type SignalConfig 

type SignalConfig struct {
	// Mode configures how to treat signal requests to running programs
	Mode ExecutionPolicy `json:"mode" yaml:"mode" default:""`
	// Allow takes effect when Mode is ExecutionPolicyFilter and only allows the specified signals to be forwarded.
	Allow []string
	// Allow takes effect when Mode is not ExecutionPolicyDisable and disallows the specified signals to be forwarded.
	Deny []string
}

SignalConfig configures how signal forwarding requests are treated.

func (SignalConfig) Validate 

func (s SignalConfig) Validate() error

Validate validates the signal configuration

type SubsystemConfig 

type SubsystemConfig struct {
	// Mode configures how to treat subsystem requests by SSH clients.
	Mode ExecutionPolicy `json:"mode" yaml:"mode" default:""`
	// Allow takes effect when Mode is ExecutionPolicyFilter and only allows the specified subsystems to be
	// executed.
	Allow []string
	// Allow takes effect when Mode is not ExecutionPolicyDisable and disallows the specified subsystems to be executed.
	Deny []string
}

SubsystemConfig controls shell executions via SSH.

func (SubsystemConfig) Validate 

func (s SubsystemConfig) Validate() error

Validate validates a subsystem configuration

type TTYConfig 

type TTYConfig struct {
	// Mode configures how to treat TTY/PTY requests by SSH clients.
	Mode ExecutionPolicy `json:"mode" yaml:"mode" default:""`
}

TTYConfig controls how to treat TTY/PTY requests by clients.

func (TTYConfig) Validate 

func (t TTYConfig) Validate() error

Validate validates the TTY configuration

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.