static

package

v0.0.2 Latest Latest Go to latest Published: May 15, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kadeessh/kadeessh

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Account ¶

type Account struct {
	// The ID for the user to be identified with. If empty, UUID will be generated at provision-time.
	ID string `json:"id,omitempty"`

	// A user's username.
	Uname string `json:"name"`

	// The user's hashed password, base64-encoded.
	Password string `json:"password"`

	// The user's password salt, base64-encoded; for
	// algorithms where external salt is needed.
	Salt string `json:"salt,omitempty"`

	// The $HOME directory of the user. If empty, the app defaults to `C:\Users\Public` on Windows and `/var/empty` otherwise.
	Home string `json:"home,omitempty"`

	// Additional metadata for the user
	Custom map[string]interface{} `json:"custom,omitempty"`
	// contains filtered or unexported fields
}

Account contains a username, password, and salt (if applicable).

func (Account) Gid ¶

func (a Account) Gid() string

returns the group ID, which is auto-generated at provision-time as UUIDv4

func (Account) GroupIDs ¶

func (a Account) GroupIDs() ([]string, error)

collects and returns the group IDs defiend for the user

func (Account) Groups ¶

func (a Account) Groups() []authentication.Group

collects and returns the user groups as values implementing the authentication.Group interface

func (Account) HomeDir ¶

func (a Account) HomeDir() string

HomeDir returns the custom $HOME if defined in the "home" JSON field, otherwise defaults to `C:\Users\Public` on Windows and `/var/empty` on *nix

func (Account) Metadata ¶

func (a Account) Metadata() map[string]interface{}

returns any custom metadata defined in the user record in the "custom" JSON field

func (Account) Name ¶

func (a Account) Name() string

returns the username as defined in the "name" JSON field

func (Account) Permissions ¶

func (a Account) Permissions() *gossh.Permissions

returns the permission set of the user

func (Account) Uid ¶

func (a Account) Uid() string

returns the user ID, which is either provided in config or auto-generated at provision-time as UUIDv4

func (Account) Username ¶

func (a Account) Username() string

returns the username as defined in the "name" JSON field

type Static ¶

type Static struct {
	// The algorithm with which the passwords are hashed. Default: bcrypt
	HashRaw json.RawMessage `json:"hash,omitempty" caddy:"namespace=http.authentication.hashes inline_key=algorithm"`

	// The list of accounts to authenticate.
	Accounts []Account `json:"accounts,omitempty"`
	// contains filtered or unexported fields
}

func (Static) AuthenticateUser ¶

func (up Static) AuthenticateUser(sshctx session.ConnMetadata, password []byte) (authentication.User, bool, error)

AuthenticateUser in the Static authentication provider looks up the user in the in-memory map and checks for match in the password hash. If successful, the method returns the user account as an implementation of authentication.User and true; otherwise, the method returns empty account value, false, and an error.

func (Static) CaddyModule ¶

func (Static) CaddyModule() caddy.ModuleInfo

This method indicates that the type is a Caddy module. The returned ModuleInfo must have both a name and a constructor function. This method must not have any side-effects.

func (*Static) Provision ¶

func (up *Static) Provision(ctx caddy.Context) error

Provision of the Static authentication provider loads up the hasher, if defined or defaults to bcrypt, and validate process the user list (e,g. generate IDs if absent).

type StaticPublicKeyProvider ¶

type StaticPublicKeyProvider struct {
	// the user list along ith their keys sources
	Users []User `json:"users,omitempty"`
	// contains filtered or unexported fields
}

func (StaticPublicKeyProvider) AuthenticateUser ¶

func (pk StaticPublicKeyProvider) AuthenticateUser(ctx session.ConnMetadata, pubkey gossh.PublicKey) (authentication.User, bool, error)

AuthenticateUser looks up the use in the in-memory map and grab the key to match against the presented key. It adds the key fingerprint in the extensions of the permissions, keyed with "pubkey-fp".

func (StaticPublicKeyProvider) CaddyModule ¶

func (StaticPublicKeyProvider) CaddyModule() caddy.ModuleInfo

This method indicates that the type is a Caddy module. The returned ModuleInfo must have both a name and a constructor function. This method must not have any side-effects.

func (*StaticPublicKeyProvider) Provision ¶

func (pk *StaticPublicKeyProvider) Provision(ctx caddy.Context) error

Provision loads up the users' keys from the named sources, which may be https? or file. TODO: modularize the source to allow arbitrary sources, e.g. Hashicorp Vault

type User ¶

type User struct {
	// the login username identifying the user
	Username string `json:"username"`
	// url to the location, e.g. file:///path/to/file or https://github.com/username.keys
	Keys []string `json:"keys,omitempty"`
	// contains filtered or unexported fields
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL