sshchat

README

ssh-chat

Custom SSH server written in Go. Instead of a shell, you get a chat prompt.

Demo

Join the party:

$ ssh chat.shazow.net

The server's RSA key fingerprint is e5:d5:d1:75:90:38:42:f6:c7:03:d7:d0:56:7d:6a:db. If you see something different, you might be MITM'd.

(Apologies if the server is down, try again shortly.)

Downloading a release

Recent releases include builds for MacOS (darwin/amd64) and Linux (386, amd64, and ARM6 for your RaspberryPi).

Grab the latest release here.

Compiling / Developing

You can compile ssh-chat by using make build. The resulting binary is portable and can be run on any system with a similar OS and CPU arch. Go 1.3 or higher is required to compile.

If you're developing on this repo, there is a handy Makefile that should set things up with make run.

Additionally, make debug runs the server with an http pprof server. This allows you to open http://localhost:6060/debug/pprof/ and view profiling data. See net/http/pprof for more information about pprof.

Quick Start

Usage:
  ssh-chat [OPTIONS]

Application Options:
  -v, --verbose    Show verbose logging.
  -i, --identity=  Private key to identify server with. (~/.ssh/id_rsa)
      --bind=      Host and port to listen on. (0.0.0.0:2022)
      --admin=     Fingerprint of pubkey to mark as admin.
      --whitelist= Optional file of pubkey fingerprints that are allowed to connect
      --motd=      Message of the Day file (optional)
      --pprof=     enable http server for pprof

Help Options:
  -h, --help       Show this help message

After doing go get github.com/shazow/ssh-chat/... on this repo, you should be able to run a command like:

$ ssh-chat --verbose --bind ":22" --identity ~/.ssh/id_dsa

To bind on port 22, you'll need to make sure it's free (move any other ssh daemons to another port) and run ssh-chat as root (or with sudo).

License

This project is licensed under the MIT open source license.

Documentation

Overview

sshchat package is an implementation of an ssh server which serves a chat room instead of a shell.

sshd subdirectory contains the ssh-related pieces which know nothing about chat.

chat subdirectory contains the chat-related pieces which know nothing about ssh.

The Host type is the glue between the sshd and chat pieces.

Index

• Variables
• func GetPrompt(user *message.User) string
• func SetLogger(l *golog.Logger)
• type Auth
  • func NewAuth() *Auth
  • func (a *Auth) AllowAnonymous() bool
  • func (a *Auth) Ban(key ssh.PublicKey, d time.Duration)
  • func (a *Auth) BanAddr(addr net.Addr, d time.Duration)
  • func (a *Auth) BanFingerprint(authkey string, d time.Duration)
  • func (a *Auth) Check(addr net.Addr, key ssh.PublicKey) (bool, error)
  • func (a *Auth) IsOp(key ssh.PublicKey) bool
  • func (a *Auth) Op(key ssh.PublicKey, d time.Duration)
  • func (a *Auth) Whitelist(key ssh.PublicKey, d time.Duration)
• type Host
  • func NewHost(listener *sshd.SSHListener, auth *Auth) *Host
  • func (h *Host) AutoCompleteFunction(u *message.User) func(line string, pos int, key rune) (newLine string, newPos int, ok bool)
  • func (h *Host) Connect(term *sshd.Terminal)
  • func (h *Host) GetUser(name string) (*message.User, bool)
  • func (h *Host) InitCommands(c *chat.Commands)
  • func (h *Host) Serve()
  • func (h *Host) SetMotd(motd string)
  • func (h *Host) SetTheme(theme message.Theme)
• type Identity
  • func NewIdentity(conn sshd.Connection) *Identity
  • func (i Identity) Id() string
  • func (i Identity) Name() string
  • func (i *Identity) SetId(id string)
  • func (i *Identity) SetName(name string)
  • func (i Identity) Whois() string
• type Set
  • func NewSet() *Set
  • func (s *Set) Add(key string)
  • func (s *Set) AddExpiring(key string, d time.Duration) time.Time
  • func (s *Set) In(key string) bool
  • func (s *Set) Len() int

Variables

var ErrBanned = errors.New("banned")

The error returned a key is checked that is banned.

var ErrNotWhitelisted = errors.New("not whitelisted")

The error returned a key is checked that is not whitelisted, with whitelisting required.

Functions

func GetPrompt

func GetPrompt(user *message.User) string

GetPrompt will render the terminal prompt string based on the user.

func SetLogger

func SetLogger(l *golog.Logger)

Types

type Auth

type Auth struct {
	// contains filtered or unexported fields
}

Auth stores lookups for bans, whitelists, and ops. It implements the sshd.Auth interface.

func NewAuth

func NewAuth() *Auth

NewAuth creates a new empty Auth.

func (*Auth) AllowAnonymous

func (a *Auth) AllowAnonymous() bool

AllowAnonymous determines if anonymous users are permitted.

func (*Auth) Ban

func (a *Auth) Ban(key ssh.PublicKey, d time.Duration)

Ban will set a public key as banned.

func (*Auth) BanAddr

func (a *Auth) BanAddr(addr net.Addr, d time.Duration)

Ban will set an IP address as banned.

func (*Auth) BanFingerprint

func (a *Auth) BanFingerprint(authkey string, d time.Duration)

BanFingerprint will set a public key fingerprint as banned.

func (*Auth) Check

func (a *Auth) Check(addr net.Addr, key ssh.PublicKey) (bool, error)

Check determines if a pubkey fingerprint is permitted.

func (*Auth) IsOp

func (a *Auth) IsOp(key ssh.PublicKey) bool

IsOp checks if a public key is an op.

func (*Auth) Op

func (a *Auth) Op(key ssh.PublicKey, d time.Duration)

Op sets a public key as a known operator.

func (*Auth) Whitelist

func (a *Auth) Whitelist(key ssh.PublicKey, d time.Duration)

Whitelist will set a public key as a whitelisted user.

type Host

type Host struct {
	*chat.Room

	// Version string to print on /version
	Version string
	// contains filtered or unexported fields
}

Host is the bridge between sshd and chat modules TODO: Should be easy to add support for multiple rooms, if we want.

func NewHost

func NewHost(listener *sshd.SSHListener, auth *Auth) *Host

NewHost creates a Host on top of an existing listener.

func (*Host) AutoCompleteFunction

func (h *Host) AutoCompleteFunction(u *message.User) func(line string, pos int, key rune) (newLine string, newPos int, ok bool)

AutoCompleteFunction returns a callback for terminal autocompletion

func (*Host) Connect

func (h *Host) Connect(term *sshd.Terminal)

Connect a specific Terminal to this host and its room.

func (*Host) GetUser

func (h *Host) GetUser(name string) (*message.User, bool)

GetUser returns a message.User based on a name.

func (*Host) InitCommands

func (h *Host) InitCommands(c *chat.Commands)

InitCommands adds host-specific commands to a Commands container. These will override any existing commands.

func (*Host) Serve

func (h *Host) Serve()

Serve our chat room onto the listener

func (*Host) SetMotd

func (h *Host) SetMotd(motd string)

SetMotd sets the host's message of the day.

func (*Host) SetTheme

func (h *Host) SetTheme(theme message.Theme)

SetTheme sets the default theme for the host.

type Identity

type Identity struct {
	sshd.Connection
	// contains filtered or unexported fields
}

Identity is a container for everything that identifies a client.

func NewIdentity

func NewIdentity(conn sshd.Connection) *Identity

NewIdentity returns a new identity object from an sshd.Connection.

func (Identity) Id

func (i Identity) Id() string

func (Identity) Name

func (i Identity) Name() string

func (*Identity) SetId

func (i *Identity) SetId(id string)

func (*Identity) SetName

func (i *Identity) SetName(name string)

func (Identity) Whois

func (i Identity) Whois() string

type Set

type Set struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Set with expire-able keys

func NewSet

func NewSet() *Set

NewSet creates a new set.

func (*Set) Add

func (s *Set) Add(key string)

Add item to this set, replace if it exists.

func (*Set) AddExpiring

func (s *Set) AddExpiring(key string, d time.Duration) time.Time

Add item to this set, replace if it exists.

func (*Set) In

func (s *Set) In(key string) bool

In checks if an item exists in this set.

func (*Set) Len

func (s *Set) Len() int

Len returns the size of the set right now.