예제 #1
파일: keys_test.go 프로젝트: npe9/minimega
// getTestPublicKey parses testClientPrivateKey (a package-level value defined
// outside this snippet) and returns the public key of the resulting signer.
// A parse failure aborts the calling test through t.Fatalf.
//
// NOTE(review): the private key is held in source as a string; that is only
// appropriate for a throwaway test fixture that is never authorized on a real
// host — confirm this key is not reused anywhere outside the tests.
func getTestPublicKey(t *testing.T) ssh.PublicKey {
	signer, parseErr := ssh.ParsePrivateKey([]byte(testClientPrivateKey))
	if parseErr == nil {
		return signer.PublicKey()
	}

	// Fatalf stops the test goroutine, so the return below is never reached;
	// it is only there to satisfy the compiler.
	t.Fatalf("ParsePrivateKey: %v", parseErr)
	return nil
}
예제 #2
// init prepares the package-level fixtures used by this package: it parses the
// sshd_config text into configTmpl, parses the three host keys found in the
// keys map into hostKeyECDSA, hostKeyRSA and hostKeyDSA, and parses
// testClientPrivateKey into privateKey. Any failure panics, so a broken
// fixture stops the program at start-up instead of surfacing later.
//
// NOTE(review): host and client private keys are embedded in source here.
// Presumably these are test-only fixtures; they must never be deployed as real
// host keys, because every copy of the source holds the same private material.
// NOTE(review): DSA (ssh-dss) is disabled by default in current OpenSSH
// releases; keep the ssh_host_dsa_key fixture only if a test still needs it.
func init() {
	// template.Must panics when Parse reports an error.
	template.Must(configTmpl.Parse(sshd_config))

	// Each entry maps a key name in the keys map to the package variable that
	// receives the parsed signer.
	hostKeySlots := map[string]*ssh.Signer{
		"ssh_host_ecdsa_key": &hostKeyECDSA,
		"ssh_host_rsa_key":   &hostKeyRSA,
		"ssh_host_dsa_key":   &hostKeyDSA,
	}
	for name, slot := range hostKeySlots {
		signer, err := ssh.ParsePrivateKey([]byte(keys[name]))
		*slot = signer
		if err != nil {
			panic(fmt.Sprintf("ParsePrivateKey(%q): %v", name, err))
		}
	}

	clientKey, err := ssh.ParsePrivateKey([]byte(testClientPrivateKey))
	privateKey = clientKey
	if err != nil {
		panic(fmt.Sprintf("ParsePrivateKey: %v", err))
	}
}
예제 #3
// loadPEM reads the private key stored in file, parses it with
// ssh.ParsePrivateKey and appends the resulting signer to k.keys.
// It returns the read or parse error unchanged, and nil on success.
//
// ssh.ParsePrivateKey handles unencrypted keys only, so a
// passphrase-protected file comes back as a parse error.
// NOTE(review): the file is read without checking its owner or permission
// bits; callers that take the path from configuration may want to verify that
// the key file is not readable by other users before loading it.
func (k *keychain) loadPEM(file string) error {
	pemBytes, readErr := ioutil.ReadFile(file)
	if readErr != nil {
		return readErr
	}

	signer, parseErr := ssh.ParsePrivateKey(pemBytes)
	if parseErr != nil {
		return parseErr
	}

	k.keys = append(k.keys, signer)
	return nil
}
예제 #4
파일: ssh.go 프로젝트: jenareljam/minimega
// sshServer listens on network p at address PORT and serves SSH connections
// forever. Each accepted connection is handshaken with ssh.NewServerConn; its
// global requests are discarded and its channels are handed to
// sshHandleChannels in a new goroutine. Failure to parse the host key or to
// listen is reported through log.Fatalln; per-connection errors are logged and
// the loop moves on to the next connection.
//
// NOTE(review): authentication accepts exactly one username/password pair that
// is compiled into the binary and compared with ==, not in constant time.
// Anyone who can reach the port and knows the pair is authenticated, so this
// listener belongs on an isolated test network only.
// NOTE(review): the host key comes from id_rsa, defined outside this snippet;
// if that is a constant in source, every instance presents the same host key.
// NOTE(review): the handshake runs inline in the accept loop, so a client that
// stalls during the handshake delays acceptance of every later connection.
func sshServer(p string) {
	log.Debugln("sshServer")

	checkPassword := func(conn ssh.ConnMetadata, password []byte) (*ssh.Permissions, error) {
		if conn.User() != "protonuke" || string(password) != "password" {
			return nil, errors.New("invalid user/password")
		}
		return &ssh.Permissions{}, nil
	}
	serverCfg := &ssh.ServerConfig{PasswordCallback: checkPassword}

	hostKey, err := ssh.ParsePrivateKey([]byte(id_rsa))
	if err != nil {
		log.Fatalln(err)
	}
	serverCfg.AddHostKey(hostKey)

	// With the host key installed, the config is ready to accept connections.
	ln, err := net.Listen(p, PORT)
	if err != nil {
		log.Fatalln(err)
	}

	for {
		conn, acceptErr := ln.Accept()
		if acceptErr != nil {
			log.Errorln(acceptErr)
			continue
		}

		// The raw net.Conn must complete the SSH handshake before use.
		_, chans, reqs, hsErr := ssh.NewServerConn(conn, serverCfg)
		if hsErr != nil {
			log.Errorln(hsErr)
			continue
		}

		// Global requests have to be drained or the connection stalls.
		go ssh.DiscardRequests(reqs)
		go sshHandleChannels(conn, chans)
	}
}
예제 #5
파일: ssh.go 프로젝트: npe9/minimega
// sshServer listens for SSH connections on network p at address PORT and
// serves them forever. Every accepted connection is handshaken and, on
// success, passed to sshHandleConn in a new goroutine. Failure to parse the
// host key or to listen is reported through log.Fatalln; accept errors and
// handshake errors other than io.EOF are logged and the loop continues.
//
// NOTE(review): authentication accepts exactly one username/password pair that
// is compiled into the binary and compared with ==, not in constant time.
// Anyone who can reach the port and knows the pair is authenticated, so this
// listener belongs on an isolated test network only.
// NOTE(review): the host key comes from id_rsa, defined outside this snippet;
// if that is a constant in source, every instance presents the same host key.
// NOTE(review): a connection whose Handshake fails is dropped without an
// explicit Close here; confirm that Handshake releases it.
func sshServer(p string) {
	log.Debugln("sshServer")

	checkPassword := func(conn *ssh.ServerConn, user, pass string) bool {
		if user != "protonuke" {
			return false
		}
		return pass == "password"
	}
	serverCfg := &ssh.ServerConfig{PasswordCallback: checkPassword}

	hostKey, err := ssh.ParsePrivateKey([]byte(id_rsa))
	if err != nil {
		log.Fatalln(err)
	}
	serverCfg.AddHostKey(hostKey)

	ln, err := ssh.Listen(p, PORT, serverCfg)
	if err != nil {
		log.Fatalln(err)
	}

	for {
		conn, acceptErr := ln.Accept()
		if acceptErr != nil {
			log.Errorln(acceptErr)
			continue
		}

		hsErr := conn.Handshake()
		if hsErr == nil {
			go sshHandleConn(conn)
			continue
		}
		// io.EOF during the handshake is not logged; anything else is.
		if hsErr != io.EOF {
			log.Errorln(hsErr)
		}
	}
}
예제 #6
// ExampleNewServerConn shows a minimal SSH server: it builds a ServerConfig
// with password authentication, loads a host key from the file "id_rsa",
// accepts a single TCP connection on 0.0.0.0:2022, performs the SSH handshake
// and then serves "session" channels with a simple line-echo terminal.
// Every setup failure panics.
//
// NOTE(review): the listener binds to all interfaces; bind to a specific
// address when the service should not be reachable from every network.
func ExampleNewServerConn() {
	// The ServerConfig carries the host key and decides how incoming
	// connections are authenticated.
	checkPassword := func(c ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) {
		// A production server should compare in constant time, or better,
		// verify against a salted hash instead of a literal password.
		if c.User() != "testuser" || string(pass) != "tiger" {
			return nil, fmt.Errorf("password rejected for %q", c.User())
		}
		return nil, nil
	}
	serverCfg := &ssh.ServerConfig{PasswordCallback: checkPassword}

	keyBytes, err := ioutil.ReadFile("id_rsa")
	if err != nil {
		panic("Failed to load private key")
	}

	hostKey, err := ssh.ParsePrivateKey(keyBytes)
	if err != nil {
		panic("Failed to parse private key")
	}
	serverCfg.AddHostKey(hostKey)

	// With the host key installed, the config is ready to accept
	// connections.
	ln, err := net.Listen("tcp", "0.0.0.0:2022")
	if err != nil {
		panic("failed to listen for connection")
	}
	tcpConn, err := ln.Accept()
	if err != nil {
		panic("failed to accept incoming connection")
	}

	// The raw net.Conn must complete the SSH handshake before use.
	_, chans, reqs, err := ssh.NewServerConn(tcpConn, serverCfg)
	if err != nil {
		panic("failed to handshake")
	}
	// Global requests have to be drained.
	go ssh.DiscardRequests(reqs)

	// Handle each channel the client opens.
	for pending := range chans {
		// The channel type names the application-level protocol. A shell
		// uses "session"; every other type is rejected.
		if pending.ChannelType() != "session" {
			pending.Reject(ssh.UnknownChannelType, "unknown channel type")
			continue
		}
		session, sessionReqs, err := pending.Accept()
		if err != nil {
			panic("could not accept channel.")
		}

		// Sessions receive out-of-band requests such as "shell", "pty-req"
		// and "env". Only a "shell" request with an empty payload is
		// approved, so the client cannot ask for a specific command.
		go func(in <-chan *ssh.Request) {
			for req := range in {
				approved := req.Type == "shell" && len(req.Payload) == 0
				req.Reply(approved, nil)
			}
		}(sessionReqs)

		lineReader := terminal.NewTerminal(session, "> ")

		// Print every line the client types until reading fails, then close
		// the channel.
		go func() {
			defer session.Close()
			for line, readErr := lineReader.ReadLine(); readErr == nil; line, readErr = lineReader.ReadLine() {
				fmt.Println(line)
			}
		}()
	}
}