func TestCertLogin(t *testing.T) {
s := newServer(t)
defer s.Shutdown()
// Use a key different from the default.
clientKey := testSigners["dsa"]
caAuthKey := testSigners["ecdsa"]
cert := &ssh.Certificate{
Key: clientKey.PublicKey(),
ValidPrincipals: []string{username()},
CertType: ssh.UserCert,
ValidBefore: ssh.CertTimeInfinity,
}
if err := cert.SignCert(rand.Reader, caAuthKey); err != nil {
t.Fatalf("SetSignature: %v", err)
}
certSigner, err := ssh.NewCertSigner(cert, clientKey)
if err != nil {
t.Fatalf("NewCertSigner: %v", err)
}
conf := &ssh.ClientConfig{
User: username(),
}
conf.Auth = append(conf.Auth, ssh.PublicKeys(certSigner))
client, err := s.TryDial(conf)
if err != nil {
t.Fatalf("TryDial: %v", err)
}
client.Close()
}
func clientConfig() *ssh.ClientConfig {
config := &ssh.ClientConfig{
User: username(),
Auth: []ssh.AuthMethod{
ssh.PublicKeys(testSigners["user"]),
},
HostKeyCallback: hostKeyDB().Check,
}
return config
}
// func that is responsible of setting the session and communicating
func sshDispatch(cmd string, user string, ip string, key string, messages chan<- string) {
var res string
pemBytes, err := ioutil.ReadFile(key)
if err != nil {
log.Fatal(err)
}
signer, err := ssh.ParsePrivateKey(pemBytes)
if err != nil {
log.Fatalf("parse key failed:%v", err)
}
config := &ssh.ClientConfig{
User: user,
Auth: []ssh.AuthMethod{ssh.PublicKeys(signer)},
}
conn, err := ssh.Dial("tcp", ip+":22", config)
if err != nil {
log.Fatalf("dial failed:%v", err)
}
defer conn.Close()
session, err := conn.NewSession()
if err != nil {
log.Fatalf("session failed:%v", err)
}
defer session.Close()
var stdoutBuf bytes.Buffer
session.Stdout = &stdoutBuf
err = session.Run(cmd)
if err != nil {
// upon dispatching a query that can result in Process exited with 1
// it shouldn't completly fail, the thing here is that that OS
// was not compatible with that query, so we handle some cases here
res += fmt.Sprintf("\nMachine: %v@%v\n", user, ip)
if strings.Contains(cmd, "apt_resources") || strings.Contains(cmd, "deb_packages") {
res += fmt.Sprintf("Target is RPM based, query won't return anything: %v\n", cmd)
} else if strings.Contains(cmd, "rpm_package_files") || strings.Contains(cmd, "rpm_packages") {
res += fmt.Sprintf("Target is APT based, query won't return anything: %v\n", cmd)
} else {
res += fmt.Sprintf("No response for the following query from this machine : %v\n", cmd)
}
messages <- res
} else {
res += fmt.Sprintf("\nMachine: %v@%v\n", user, ip)
res += stdoutBuf.String()
res = string(res[:])
messages <- res
}
}