ssh

package

v0.0.0-...-23e64f8 Latest Latest Go to latest Published: Oct 25, 2020 License: MIT Imports: 22 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hensoko/go-ssh-ca

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func ReadSSHAuthorizedKeys(authorizedKeysDir string) (map[string]map[string]bool, error)
func ReadSSHPrivateKey(path string) (ssh.Signer, error)
type Client
- func NewClient(c ClientConfig) *Client
- func (c *Client) Dial(username string, remoteAddress string) error
type ClientConfig
type Server
- func NewServer(c ServerConfig) *Server
- func (s *Server) ListenAndServe(listenAddress string) error
type ServerConfig
type Signer
- func (s *Signer) HandleRequest(req *SigningRequest) (*SigningResponse, error)
- func (s *Signer) LoadKey(path string) error
type SigningRequest
- func (s *SigningRequest) MarshalJSON() ([]byte, error)
- func (s *SigningRequest) UnmarshalJSON(data []byte) error
type SigningRequestAlias
type SigningResponse
- func NewFromGrpcResponse() (*SigningResponse, error)
- func (s *SigningResponse) Bytes() []byte
type WireSigningRequest
- func NewWireSigningRequest(req *SigningRequest) *WireSigningRequest
- func (w *WireSigningRequest) SigningRequest() (*SigningRequest, error)

Constants ¶

View Source

const (
	ClientDefaultSessionKeyBits = 2048
)

Variables ¶

This section is empty.

Functions ¶

func ReadSSHAuthorizedKeys ¶

func ReadSSHAuthorizedKeys(authorizedKeysDir string) (map[string]map[string]bool, error)

ReadSSHAuthorizedKeys reads multiple authorized keys from given directory. Keys are stored in a map by username and public key.

func ReadSSHPrivateKey ¶

func ReadSSHPrivateKey(path string) (ssh.Signer, error)

ReadSSHPrivateKey reads a private key and returns a ssh.Signer

Types ¶

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

func NewClient ¶

func NewClient(c ClientConfig) *Client

func (*Client) Dial ¶

func (c *Client) Dial(username string, remoteAddress string) error

type ClientConfig ¶

type ClientConfig struct {
	BaseDir string
}

type Server ¶

type Server struct {
	// contains filtered or unexported fields
}

func NewServer ¶

func NewServer(c ServerConfig) *Server

func (*Server) ListenAndServe ¶

func (s *Server) ListenAndServe(listenAddress string) error

type ServerConfig ¶

type ServerConfig struct {
	AuthorizedKeysDir string
	BaseDir           string
	HostKeyFile       string
}

type Signer ¶

type Signer struct {
	// contains filtered or unexported fields
}

func (*Signer) HandleRequest ¶

func (s *Signer) HandleRequest(req *SigningRequest) (*SigningResponse, error)

func (*Signer) LoadKey ¶

func (s *Signer) LoadKey(path string) error

type SigningRequest ¶

type SigningRequest struct {
	IPAddress string `json:"ip_address,omitempty"`
	Username  string `json:"username,omitempty"`

	// PublicKey in authorized keys format
	PublicKey ssh.PublicKey `json:"-"`
	// Signature verifies the integrity of the transmitted public key
	Signature *ssh.Signature `json:"signature,omitempty"`
}

SigningRequest contains a user and a public key and is transmitted to bastion / server to get signed

func (*SigningRequest) MarshalJSON ¶

func (s *SigningRequest) MarshalJSON() ([]byte, error)

func (*SigningRequest) UnmarshalJSON ¶

func (s *SigningRequest) UnmarshalJSON(data []byte) error

type SigningRequestAlias ¶

type SigningRequestAlias SigningRequest

type SigningResponse ¶

type SigningResponse struct {
	//TODO add more metadata
	ValidUntil time.Time

	Certificate *ssh.Certificate
	Signature   *ssh.Signature
}

func NewFromGrpcResponse ¶

func NewFromGrpcResponse() (*SigningResponse, error)

func (*SigningResponse) Bytes ¶

func (s *SigningResponse) Bytes() []byte

type WireSigningRequest ¶

type WireSigningRequest struct {
	SigningRequestAlias

	PublicKey []byte `json:"public_key,omitempty"`
}

func NewWireSigningRequest ¶

func NewWireSigningRequest(req *SigningRequest) *WireSigningRequest

func (*WireSigningRequest) SigningRequest ¶

func (w *WireSigningRequest) SigningRequest() (*SigningRequest, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL