func getTestPublicKey(t *testing.T) ssh.PublicKey { priv, err := ssh.ParsePrivateKey([]byte(testClientPrivateKey)) if err != nil { t.Fatalf("ParsePrivateKey: %v", err) } return priv.PublicKey() }
func init() { template.Must(configTmpl.Parse(sshd_config)) for n, k := range map[string]*ssh.Signer{ "ssh_host_ecdsa_key": &hostKeyECDSA, "ssh_host_rsa_key": &hostKeyRSA, "ssh_host_dsa_key": &hostKeyDSA, } { var err error *k, err = ssh.ParsePrivateKey([]byte(keys[n])) if err != nil { panic(fmt.Sprintf("ParsePrivateKey(%q): %v", n, err)) } } var err error privateKey, err = ssh.ParsePrivateKey([]byte(testClientPrivateKey)) if err != nil { panic(fmt.Sprintf("ParsePrivateKey: %v", err)) } }
func (k *keychain) loadPEM(file string) error { buf, err := ioutil.ReadFile(file) if err != nil { return err } key, err := ssh.ParsePrivateKey(buf) if err != nil { return err } k.keys = append(k.keys, key) return nil }
func sshServer(p string) { log.Debugln("sshServer") config := &ssh.ServerConfig{ PasswordCallback: func(conn ssh.ConnMetadata, password []byte) (*ssh.Permissions, error) { if conn.User() == "protonuke" && string(password) == "password" { return &ssh.Permissions{}, nil } return nil, errors.New("invalid user/password") }, } private, err := ssh.ParsePrivateKey([]byte(id_rsa)) if err != nil { log.Fatalln(err) } config.AddHostKey(private) // Once a ServerConfig has been configured, connections can be accepted. listener, err := net.Listen(p, PORT) if err != nil { log.Fatalln(err) } for { conn, err := listener.Accept() if err != nil { log.Errorln(err) continue } // Before use, a handshake must be performed on the incoming net.Conn. _, chans, reqs, err := ssh.NewServerConn(conn, config) if err != nil { log.Errorln(err) continue } // The incoming Request channel must be serviced. go ssh.DiscardRequests(reqs) go sshHandleChannels(conn, chans) } }
func sshServer(p string) { log.Debugln("sshServer") config := &ssh.ServerConfig{ PasswordCallback: func(conn *ssh.ServerConn, user, pass string) bool { return user == "protonuke" && pass == "password" }, } private, err := ssh.ParsePrivateKey([]byte(id_rsa)) if err != nil { log.Fatalln(err) } config.AddHostKey(private) l, err := ssh.Listen(p, PORT, config) if err != nil { log.Fatalln(err) } for { conn, err := l.Accept() if err != nil { log.Errorln(err) continue } if err := conn.Handshake(); err != nil { if err != io.EOF { log.Errorln(err) } continue } go sshHandleConn(conn) } }
func ExampleNewServerConn() { // An SSH server is represented by a ServerConfig, which holds // certificate details and handles authentication of ServerConns. config := &ssh.ServerConfig{ PasswordCallback: func(c ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) { // Should use constant-time compare (or better, salt+hash) in // a production setting. if c.User() == "testuser" && string(pass) == "tiger" { return nil, nil } return nil, fmt.Errorf("password rejected for %q", c.User()) }, } privateBytes, err := ioutil.ReadFile("id_rsa") if err != nil { panic("Failed to load private key") } private, err := ssh.ParsePrivateKey(privateBytes) if err != nil { panic("Failed to parse private key") } config.AddHostKey(private) // Once a ServerConfig has been configured, connections can be // accepted. listener, err := net.Listen("tcp", "0.0.0.0:2022") if err != nil { panic("failed to listen for connection") } nConn, err := listener.Accept() if err != nil { panic("failed to accept incoming connection") } // Before use, a handshake must be performed on the incoming // net.Conn. _, chans, reqs, err := ssh.NewServerConn(nConn, config) if err != nil { panic("failed to handshake") } // The incoming Request channel must be serviced. go ssh.DiscardRequests(reqs) // Service the incoming Channel channel. for newChannel := range chans { // Channels have a type, depending on the application level // protocol intended. In the case of a shell, the type is // "session" and ServerShell may be used to present a simple // terminal interface. if newChannel.ChannelType() != "session" { newChannel.Reject(ssh.UnknownChannelType, "unknown channel type") continue } channel, requests, err := newChannel.Accept() if err != nil { panic("could not accept channel.") } // Sessions have out-of-band requests such as "shell", // "pty-req" and "env". Here we handle only the // "shell" request. go func(in <-chan *ssh.Request) { for req := range in { ok := false switch req.Type { case "shell": ok = true if len(req.Payload) > 0 { // We don't accept any // commands, only the // default shell. ok = false } } req.Reply(ok, nil) } }(requests) term := terminal.NewTerminal(channel, "> ") go func() { defer channel.Close() for { line, err := term.ReadLine() if err != nil { break } fmt.Println(line) } }() } }