Merge branch 'develop'
blacknon committed May 11, 2019
2 parents bdd73be + 76c4e55 commit c473d54
Showing 7 changed files with 100 additions and 26 deletions.
2 changes: 1 addition & 1 deletion cmd/lscp/args.go
@@ -52,7 +52,7 @@ USAGE:
app.Name = "lscp"
app.Usage = "TUI list select and parallel scp client command."
app.Copyright = "blacknon([email protected])"
app.Version = "0.5.3"
app.Version = "0.5.4"

app.Flags = []cli.Flag{
cli.StringSliceFlag{Name: "host,H", Usage: "connect servernames"},
2 changes: 1 addition & 1 deletion cmd/lssh/args.go
@@ -51,7 +51,7 @@ USAGE:
app.Name = "lssh"
app.Usage = "TUI list select and parallel ssh client command."
app.Copyright = "blacknon([email protected])"
app.Version = "0.5.3"
app.Version = "0.5.4"

// Set options
app.Flags = []cli.Flag{
5 changes: 4 additions & 1 deletion conf/conf.go
@@ -57,6 +57,9 @@ type ServerConfig struct {
Key string `toml:"key"`
KeyPass string `toml:"keypass"`
Keys []string `toml:"keys"` // "keypath::passphase"
Cert string `toml:"cert"`
CertKey string `toml:"certkey"`
CertKeyPass string `toml:"certkeypass"`
AgentAuth bool `toml:"agentauth"`
SSHAgentUse bool `toml:"ssh_agent"`
SSHAgentKeyPath []string `toml:"ssh_agent_key"` // "keypath::passphase"
@@ -198,7 +201,7 @@ func checkFormatServerConf(c Config) (isFormat bool) {

func checkFormatServerConfAuth(c ServerConfig) (isFormat bool) {
isFormat = false
if c.Pass != "" || c.Key != "" {
if c.Pass != "" || c.Key != "" || c.Cert != "" {
isFormat = true
}

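Review bot: `checkFormatServerConfAuth` now accepts `c.Cert != ""` on its own as a valid auth setting, but the certificate path added in this commit also reads the private key named by `certkey`, so an entry with `cert` and no `certkey` passes validation and only fails when the key file is read at connect time. Requiring both, `if c.Pass != "" || c.Key != "" || (c.Cert != "" && c.CertKey != "") {`, would reject that entry when the config is loaded. The function continues past the end of the hunk, so a later check may already cover this. The new `CertKeyPass` field, like `KeyPass`, keeps a passphrase in the TOML file in clear text; a field comment saying so, and that the file should be readable only by its owner, would help users.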
7 changes: 4 additions & 3 deletions ssh/connect.go
@@ -23,7 +23,6 @@ type Connect struct {
Server string
Conf conf.Config
Client *ssh.Client
StdinWriter io.Writer
sshAgent agent.Agent
sshExtendedAgent agent.ExtendedAgent
IsTerm bool
@@ -160,15 +159,17 @@ func (c *Connect) createClientConfig(server string) (clientConfig *ssh.ClientCon

auth, err := c.createSshAuth(server)
if err != nil {
return clientConfig, err
if len(auth) == 0 {
return clientConfig, err
}
}

// create ssh ClientConfig
clientConfig = &ssh.ClientConfig{
User: conf.User,
Auth: auth,
HostKeyCallback: ssh.InsecureIgnoreHostKey(),
Timeout: 3600 * time.Hour,
Timeout: 0,
}
return clientConfig, err
}
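Review bot: The `ssh.ClientConfig` built in `createClientConfig` still sets `HostKeyCallback: ssh.InsecureIgnoreHostKey()`, so the server's host key is never checked and every auth method collected by `createSshAuth` (including password auth, if configured) is offered to whichever host answers. A callback built from the user's known_hosts file, e.g. `knownhosts.New(knownHostsPath)` from `golang.org/x/crypto/ssh/knownhosts` (the path is a placeholder), assigned as `HostKeyCallback: hostKeyCallback,` would close that gap. In the same hunk, when `err != nil` but `auth` is non-empty the function falls through and still ends with `return clientConfig, err`, so a caller that checks the error will discard the usable config; returning `clientConfig, nil` on that path would match the intent of the new `len(auth) == 0` test. `Timeout: 0` means no limit on connection establishment, which deserves a comment if it is intended.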
104 changes: 88 additions & 16 deletions ssh/connect_craete_auth.go
@@ -1,6 +1,7 @@
package ssh

import (
"fmt"
"io/ioutil"
"net"
"os"
@@ -10,25 +11,24 @@ import (
"golang.org/x/crypto/ssh"
)

// @TODO: v0.5.3
// ssh authを複数指定できるようにする(conf.goについても修正が必要?)

// @brief:
// Create ssh session auth
// @note:
// - public key auth
// - password auth
// - ssh-agent auth
// - pkcs11 auth
func (c *Connect) createSshAuth(server string) (auth []ssh.AuthMethod, err error) {
conf := c.Conf.Server[server]

// public key (single)
if conf.Key != "" {
authMethod, err := createSshAuthPublicKey(conf.Key, conf.KeyPass)
if err != nil {
return auth, err
fmt.Fprintf(os.Stderr, "%s's create public key ssh.AuthMethod err: %s\n", server, err)
} else {
auth = append(auth, authMethod)
}
auth = append(auth, authMethod)
}

// public key (multiple)
@@ -37,9 +37,19 @@ func (c *Connect) createSshAuth(server string) (auth []ssh.AuthMethod, err error
keyPathArray := strings.SplitN(key, "::", 2)
authMethod, err := createSshAuthPublicKey(keyPathArray[0], keyPathArray[1])
if err != nil {
return auth, err
fmt.Fprintf(os.Stderr, "%s's create public keys ssh.AuthMethod err: %s\n", server, err)
} else {
auth = append(auth, authMethod)
}
}
}

// cert
if conf.Cert != "" {
authMethod, err := createSshAuthCertificate(conf.Cert, conf.CertKey, conf.CertKey)
if err != nil {
fmt.Fprintf(os.Stderr, "%s's create certificate ssh.AuthMethod err: %s\n", server, err)
} else {
auth = append(auth, authMethod)
}
}
@@ -63,36 +73,39 @@ func (c *Connect) createSshAuth(server string) (auth []ssh.AuthMethod, err error
if err != nil {
signers, err = c.sshAgent.Signers()
if err != nil {
return auth, err
fmt.Fprintf(os.Stderr, "%s's create sshAgent ssh.AuthMethod err: %s\n", server, err)

} else {
auth = append(auth, ssh.PublicKeys(signers...))
}
} else {
signers, err = c.sshExtendedAgent.Signers()

if err != nil {
return auth, err
fmt.Fprintf(os.Stderr, "%s's create sshAgent ssh.AuthMethod err: %s\n", server, err)
} else {
auth = append(auth, ssh.PublicKeys(signers...))
}
}
auth = append(auth, ssh.PublicKeys(signers...))
}

if conf.PKCS11Use {
// @TODO: confのチェック時にPKCS11のProviderのPATHチェックを行う
var signers []ssh.Signer
signers, err := c.getSshSignerFromPkcs11(server)
if err != nil {
return auth, err
}

for _, signer := range signers {
auth = append(auth, ssh.PublicKeys(signer))
fmt.Fprintf(os.Stderr, "%s's create pkcs11 ssh.AuthMethod err: %s\n", server, err)
} else {
for _, signer := range signers {
auth = append(auth, ssh.PublicKeys(signer))
}
}
}

return auth, err
}

// Craete ssh auth (public key)
func createSshAuthPublicKey(key string, pass string) (auth ssh.AuthMethod, err error) {
func createSshAuthPublicKey(key, pass string) (auth ssh.AuthMethod, err error) {
usr, _ := user.Current()
key = strings.Replace(key, "~", usr.HomeDir, 1)

@@ -118,3 +131,62 @@ func createSshAuthPublicKey(key string, pass string) (auth ssh.AuthMethod, err e
auth = ssh.PublicKeys(signer)
return auth, err
}

// @brief:
// Create ssh auth (Certificate)
// key ... keypath::password
func createSshAuthCertificate(cert, key, pass string) (auth ssh.AuthMethod, err error) {
usr, _ := user.Current()
cert = strings.Replace(cert, "~", usr.HomeDir, 1)
key = strings.Replace(key, "~", usr.HomeDir, 1)

// Read PrivateKey file
keyData, err := ioutil.ReadFile(key)
if err != nil {
return auth, err
}

// Create PrivateKey Signer
var keySigner ssh.Signer
if pass != "" {
keySigner, err = ssh.ParsePrivateKeyWithPassphrase(keyData, []byte(pass))
} else {
keySigner, err = ssh.ParsePrivateKey(keyData)
}

// check err
if err != nil {
return auth, err
}

// Read Cert file
certData, err := ioutil.ReadFile(cert)
if err != nil {
return auth, err
}

// Create PublicKey from Cert
pubkey, _, _, _, err := ssh.ParseAuthorizedKey(certData)
if err != nil {
return auth, err
}

// Create Certificate Struct
certificate, ok := pubkey.(*ssh.Certificate)
if !ok {
err = fmt.Errorf("%s\n", "Error: Not create certificate struct data")
return auth, err
}

// Create Certificate Signer
signer, err := ssh.NewCertSigner(certificate, keySigner)
if err != nil {
return auth, err
}

// Create AuthMethod
auth = ssh.PublicKeys(signer)

return

}
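Review bot: The certificate branch of `createSshAuth` calls `createSshAuthCertificate(conf.Cert, conf.CertKey, conf.CertKey)`, which passes the key path as the passphrase and never reads `conf.CertKeyPass`; the call should be `createSshAuthCertificate(conf.Cert, conf.CertKey, conf.CertKeyPass)`. As written, a passphrase-protected certificate key cannot be decrypted, and because the error is only printed to stderr the certificate method is dropped and the connection proceeds with whatever other methods remain. `createSshAuthCertificate` also discards the error from `user.Current()` and then reads `usr.HomeDir`, which panics if the lookup fails; use `usr, err := user.Current()` and return the error. The `fmt.Errorf("%s\n", ...)` message would be clearer without the trailing newline and with the file named, e.g. `fmt.Errorf("%s is not an ssh certificate", cert)`.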
1 change: 1 addition & 0 deletions ssh/run.go
@@ -31,6 +31,7 @@ func (r *Run) Start() {
r.StdinData, _ = ioutil.ReadAll(os.Stdin)
}

// @TODO: r.shell()で分岐するよう、selectにする
if len(r.ExecCmd) > 0 {
r.cmd()
} else {
5 changes: 1 addition & 4 deletions ssh/run_cmd.go
@@ -149,10 +149,7 @@ scan:

case <-time.After(10 * time.Millisecond):
data := sc.Bytes()

if len(data) > 0 {
ch <- data
}
ch <- data
}
}
}
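Review bot: With the `len(data) > 0` guard removed, the `time.After` branch sends `sc.Bytes()` on `ch` every 10 ms even when the slice is empty, so the receiver (not visible in this hunk) has to tolerate empty and possibly repeated chunks. `sc.Bytes()` also returns a slice whose backing array a later `Scan` may overwrite, so if scanning continues while the receiver still holds the value, send a copy instead: `ch <- append([]byte(nil), data...)`. The enclosing loop starts and ends outside the hunk, so this should be confirmed against the reader side.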
