forward

package
v4.3.10+incompatible
Warning

This package is not in the latest version of its module.
Published: Feb 19, 2021 License: Apache-2.0 Imports: 24 Imported by: 18

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server is a forwarding server. Server is used to create a single in-memory SSH server that will forward connections to a remote server. It's used along with the recording proxy to allow Teleport to record sessions with OpenSSH nodes at the proxy level.

To create a forwarding server and serve a single SSH connection on it:

serverConfig := forward.ServerConfig{
	...
}
remoteServer, err := forward.New(serverConfig)
if err != nil {
	return nil, trace.Wrap(err)
}
go remoteServer.Serve()

conn, err := remoteServer.Dial()
if err != nil {
	return nil, trace.Wrap(err)
}
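The New/Serve/Dial lifecycle above, reduced to the standard library as an added example (not Teleport's code): a proxy that owns both ends of an in-memory pipe can record a session without the target node's cooperation. The names `pipeForwarder`, `newPipeForwarder` and `runDemo` are hypothetical, the remote host is a constructed stub, and raw bytes are relayed where the real Server terminates SSH.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
	"net"
)

// pipeForwarder is a hypothetical stand-in for the New/Serve/Dial shape; it is not Teleport's Server.
type pipeForwarder struct {
	clientConn, serverConn, target net.Conn // pipe ends, plus the stand-in for TargetConn
	recorded                       bytes.Buffer // client-to-target bytes seen at the proxy
	done                           chan struct{} // closed when Serve returns
}

func newPipeForwarder(target net.Conn) *pipeForwarder {
	c, s := net.Pipe()
	return &pipeForwarder{clientConn: c, serverConn: s, target: target, done: make(chan struct{})}
}

func (f *pipeForwarder) Dial() net.Conn { return f.clientConn } // client end; no real socket is opened

// Serve relays exactly one connection and tears both directions down together.
func (f *pipeForwarder) Serve() {
	defer close(f.done)
	go func() { io.Copy(f.serverConn, f.target); f.serverConn.Close() }() // target -> client
	io.Copy(f.target, io.TeeReader(f.serverConn, &f.recorded))            // client -> target, recorded
	f.target.Close()
}

func runDemo() (reply, recorded string) {
	proxySide, hostSide := net.Pipe()
	go func() { // constructed remote host: acks one message, then hangs up
		buf := make([]byte, 64)
		n, _ := hostSide.Read(buf)
		hostSide.Write(append([]byte("ack:"), buf[:n]...))
		hostSide.Close()
	}()
	f := newPipeForwarder(proxySide)
	go f.Serve()
	conn := f.Dial()
	conn.Write([]byte("uptime"))
	out, _ := io.ReadAll(conn)
	<-f.done // wait for Serve so reading the recording cannot race the tee
	return string(out), f.recorded.String()
}

func main() { fmt.Println(runDemo()) }
```
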

func New

func New(c ServerConfig) (*Server, error)

New creates a new unstarted Server.

func (*Server) AdvertiseAddr

func (s *Server) AdvertiseAddr() string

AdvertiseAddr is the address of the remote host this forwarding server is connected to.

func (*Server) Close

func (s *Server) Close() error

Close will close all underlying connections that the forwarding server holds.

func (*Server) Component

func (s *Server) Component() string

Component is the type of node this server is.

func (*Server) Dial

func (s *Server) Dial() (net.Conn, error)

Dial returns the client connection created by pipeAddrConn.

func (*Server) EmitAuditEvent

func (s *Server) EmitAuditEvent(event events.Event, fields events.EventFields)

EmitAuditEvent sends an event to the Audit Log.

func (*Server) GetAccessPoint

func (s *Server) GetAccessPoint() auth.AccessPoint

GetAccessPoint returns an auth.AccessPoint for this cluster.

func (*Server) GetAuditLog

func (s *Server) GetAuditLog() events.IAuditLog

GetAuditLog returns the Audit Log for this cluster.

func (Server) GetBPF

func (s Server) GetBPF() bpf.BPF

GetBPF returns the BPF service used by enhanced session recording. BPF makes no sense for the forwarding server (it has to run on the actual node), so this returns a NOP implementation.

func (*Server) GetClock

func (s *Server) GetClock() clockwork.Clock

GetClock returns the server's clock implementation.

func (*Server) GetDataDir

func (s *Server) GetDataDir() string

GetDataDir returns the server's local storage directory.

func (*Server) GetInfo

func (s *Server) GetInfo() services.Server

GetInfo returns a services.Server that represents this server.

func (*Server) GetNamespace

func (s *Server) GetNamespace() string

GetNamespace returns the namespace the forwarding server resides in.

func (*Server) GetPAM

func (s *Server) GetPAM() (*pam.Config, error)

GetPAM returns the PAM configuration for a server. Because the forwarding server runs in-memory, it does not support PAM.

func (*Server) GetSessionServer

func (s *Server) GetSessionServer() session.Service

GetSessionServer returns a session server.

func (*Server) HostUUID

func (s *Server) HostUUID() string

HostUUID is the UUID of the underlying proxy that the forwarding server is running in.

func (*Server) ID

func (s *Server) ID() string

ID returns the ID of the proxy that creates the in-memory forwarding server.

func (*Server) PermitUserEnvironment

func (s *Server) PermitUserEnvironment() bool

PermitUserEnvironment is always false because it's up to the remote host to decide if the user environment will be read or not.

func (*Server) Serve

func (s *Server) Serve()

func (*Server) UseTunnel

func (s *Server) UseTunnel() bool

UseTunnel is used to determine whether this node has connected to this cluster using a reverse tunnel.

type ServerConfig

type ServerConfig struct {
	AuthClient      auth.ClientI
	UserAgent       teleagent.Agent
	TargetConn      net.Conn
	SrcAddr         net.Addr
	DstAddr         net.Addr
	HostCertificate ssh.Signer

	// UseTunnel indicates if this server is connected over a reverse tunnel.
	UseTunnel bool

	// Address is the name of the host certificate.
	Address string

	// Ciphers is a list of ciphers that the server supports. If omitted,
	// the defaults will be used.
	Ciphers []string

	// KEXAlgorithms is a list of key exchange (KEX) algorithms that the
	// server supports. If omitted, the defaults will be used.
	KEXAlgorithms []string

	// MACAlgorithms is a list of message authentication codes (MAC) that
	// the server supports. If omitted, the defaults will be used.
	MACAlgorithms []string

	// DataDir is a local data directory used for local server storage.
	DataDir string

	// Clock is an optional clock to override the default real-time clock.
	Clock clockwork.Clock

	// FIPS mode means Teleport started in a FedRAMP/FIPS 140-2 compliant
	// configuration.
	FIPS bool

	// HostUUID is the UUID of the underlying proxy that the forwarding server
	// is running in.
	HostUUID string
}

ServerConfig is the configuration needed to create an instance of a Server.

func (*ServerConfig) CheckDefaults

func (s *ServerConfig) CheckDefaults() error

CheckDefaults makes sure all required parameters are passed in.
