pax_global_header00006660000000000000000000000064145444222600014515gustar00rootroot0000000000000052 comment=db6e763f887bd8a45c81a34a17315fd33da1344e easyssh-proxy-1.5.0/000077500000000000000000000000001454442226000143565ustar00rootroot00000000000000easyssh-proxy-1.5.0/.github/000077500000000000000000000000001454442226000157165ustar00rootroot00000000000000easyssh-proxy-1.5.0/.github/FUNDING.yml000066400000000000000000000014001454442226000175260ustar00rootroot00000000000000# These are supported funding model platforms github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] patreon: # Replace with a single Patreon username open_collective: # Replace with a single Open Collective username ko_fi: # Replace with a single Ko-fi username tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry liberapay: # Replace with a single Liberapay username issuehunt: # Replace with a single IssueHunt username otechie: # Replace with a single Otechie username lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry custom: ['https://www.paypal.me/appleboy46'] easyssh-proxy-1.5.0/.github/dependabot.yml000066400000000000000000000003031454442226000205420ustar00rootroot00000000000000version: 2 updates: - package-ecosystem: github-actions directory: / schedule: interval: weekly - package-ecosystem: gomod directory: / schedule: interval: weekly easyssh-proxy-1.5.0/.github/workflows/000077500000000000000000000000001454442226000177535ustar00rootroot00000000000000easyssh-proxy-1.5.0/.github/workflows/codeql.yml000066400000000000000000000033361454442226000217520ustar00rootroot00000000000000# For most projects, this workflow file will not need changing; you simply need # to commit it to your repository. # # You may wish to alter this file to override the set of languages analyzed, # or to provide custom queries or build logic. # # ******** NOTE ******** # We have attempted to detect the languages in your repository. Please check # the `language` matrix defined below to confirm you have the correct set of # supported CodeQL languages. # name: "CodeQL" on: push: branches: [master] pull_request: # The branches below must be a subset of the branches above branches: [master] schedule: - cron: "41 23 * * 6" jobs: analyze: name: Analyze runs-on: ubuntu-latest permissions: actions: read contents: read security-events: write strategy: fail-fast: false matrix: language: ["go"] # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] # Learn more about CodeQL language support at https://git.io/codeql-language-support steps: - name: Checkout repository uses: actions/checkout@v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. # queries: ./path/to/local/query, your-org/your-repo/queries@main - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2 easyssh-proxy-1.5.0/.github/workflows/goreleaser.yml000066400000000000000000000012111454442226000226210ustar00rootroot00000000000000name: Goreleaser on: push: tags: - "*" permissions: contents: write jobs: goreleaser: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v3 with: fetch-depth: 0 - name: Setup go uses: actions/setup-go@v5 with: go-version: "^1" - name: Run GoReleaser uses: goreleaser/goreleaser-action@v4 with: # either 'goreleaser' (default) or 'goreleaser-pro' distribution: goreleaser version: latest args: release --rm-dist env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} easyssh-proxy-1.5.0/.github/workflows/lint.yml000066400000000000000000000015311454442226000214440ustar00rootroot00000000000000name: Lint and Testing on: push: pull_request: jobs: lint: runs-on: ubuntu-latest steps: - name: Setup go uses: actions/setup-go@v5 with: go-version: "^1.21" - name: Checkout repository uses: actions/checkout@v3 - name: Setup golangci-lint uses: golangci/golangci-lint-action@v3 with: version: latest args: --verbose testing: runs-on: ubuntu-latest container: golang:1.19-alpine steps: - name: Checkout repository uses: actions/checkout@v3 - name: setup sshd server run: | apk add git make curl perl bash build-base zlib-dev ucl-dev make ssh-server - name: testing run: | make test - name: Upload coverage to Codecov uses: codecov/codecov-action@v3 easyssh-proxy-1.5.0/.gitignore000066400000000000000000000004301454442226000163430ustar00rootroot00000000000000# Compiled Object files, Static and Dynamic libs (Shared Objects) *.o *.a *.so # Folders _obj _test # Architecture specific extensions/prefixes *.[568vq] [568vq].out *.cgo1.go *.cgo2.c _cgo_defun.c _cgo_gotypes.go _cgo_export.* _testmain.go *.exe *.test *.prof coverage.txt easyssh-proxy-1.5.0/.goreleaser.yaml000066400000000000000000000031221454442226000174460ustar00rootroot00000000000000project_name: queue builds: - # If true, skip the build. # Useful for library projects. # Default is false skip: true changelog: # Set it to true if you wish to skip the changelog generation. # This may result in an empty release notes on GitHub/GitLab/Gitea. skip: false # Changelog generation implementation to use. # # Valid options are: # - `git`: uses `git log`; # - `github`: uses the compare GitHub API, appending the author login to the changelog. # - `gitlab`: uses the compare GitLab API, appending the author name and email to the changelog. # - `github-native`: uses the GitHub release notes generation API, disables the groups feature. # # Defaults to `git`. use: git # Sorts the changelog by the commit's messages. # Could either be asc, desc or empty # Default is empty sort: asc # Group commits messages by given regex and title. # Order value defines the order of the groups. # Proving no regex means all commits will be grouped under the default group. # Groups are disabled when using github-native, as it already groups things by itself. # # Default is no groups. groups: - title: Features regexp: "^.*feat[(\\w)]*:+.*$" order: 0 - title: 'Bug fixes' regexp: "^.*fix[(\\w)]*:+.*$" order: 1 - title: 'Enhancements' regexp: "^.*chore[(\\w)]*:+.*$" order: 2 - title: Others order: 999 filters: # Commit messages matching the regexp listed here will be removed from # the changelog # Default is empty exclude: - '^docs' - 'CICD' - typo easyssh-proxy-1.5.0/LICENSE000066400000000000000000000020511454442226000153610ustar00rootroot00000000000000MIT License Copyright (c) 2017 Bo-Yi Wu Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. easyssh-proxy-1.5.0/Makefile000066400000000000000000000022571454442226000160240ustar00rootroot00000000000000GOFMT ?= gofumpt -l -s GO ?= go PACKAGES ?= $(shell $(GO) list ./...) SOURCES ?= $(shell find . -name "*.go" -type f) all: lint fmt: @hash gofumpt > /dev/null 2>&1; if [ $$? -ne 0 ]; then \ $(GO) install mvdan.cc/gofumpt; \ fi $(GOFMT) -w $(SOURCES) vet: $(GO) vet $(PACKAGES) test: @$(GO) test -v -cover -coverprofile coverage.txt $(PACKAGES) && echo "\n==>\033[32m Ok\033[m\n" || exit 1 clean: go clean -x -i ./... rm -rf coverage.txt $(EXECUTABLE) $(DIST) vendor ssh-server: adduser -h /home/drone-scp -s /bin/sh -D -S drone-scp echo drone-scp:1234 | chpasswd mkdir -p /home/drone-scp/.ssh chmod 700 /home/drone-scp/.ssh cat tests/.ssh/id_rsa.pub >> /home/drone-scp/.ssh/authorized_keys cat tests/.ssh/test.pub >> /home/drone-scp/.ssh/authorized_keys chmod 600 /home/drone-scp/.ssh/authorized_keys chown -R drone-scp /home/drone-scp/.ssh # install ssh and start server apk add --update openssh openrc rm -rf /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key sed -i 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/g' /etc/ssh/sshd_config ./tests/entrypoint.sh /usr/sbin/sshd -D & easyssh-proxy-1.5.0/README.md000066400000000000000000000132621454442226000156410ustar00rootroot00000000000000# easyssh-proxy [![GoDoc](https://godoc.org/github.com/appleboy/easyssh-proxy?status.svg)](https://pkg.go.dev/github.com/appleboy/easyssh-proxy) [![Lint and Testing](https://github.com/appleboy/easyssh-proxy/actions/workflows/lint.yml/badge.svg)](https://github.com/appleboy/easyssh-proxy/actions/workflows/lint.yml) [![codecov](https://codecov.io/gh/appleboy/easyssh-proxy/branch/master/graph/badge.svg)](https://codecov.io/gh/appleboy/easyssh-proxy) [![Go Report Card](https://goreportcard.com/badge/github.com/appleboy/easyssh-proxy)](https://goreportcard.com/report/github.com/appleboy/easyssh-proxy) [![Sourcegraph](https://sourcegraph.com/github.com/appleboy/easyssh-proxy/-/badge.svg)](https://sourcegraph.com/github.com/appleboy/easyssh-proxy?badge) easyssh-proxy provides a simple implementation of some SSH protocol features in Go. ## Feature This project is forked from [easyssh](https://github.com/hypersleep/easyssh) but add some features as the following. * [x] Support plain text of user private key. * [x] Support key path of user private key. * [x] Support Timeout for the TCP connection to establish. * [x] Support SSH ProxyCommand. ```bash +--------+ +----------+ +-----------+ | Laptop | <--> | Jumphost | <--> | FooServer | +--------+ +----------+ +-----------+ OR +--------+ +----------+ +-----------+ | Laptop | <--> | Firewall | <--> | FooServer | +--------+ +----------+ +-----------+ 192.168.1.5 121.1.2.3 10.10.29.68 ``` ## Usage You can see `ssh`, `scp`, `ProxyCommand` on `examples` folder. ### ssh See [example/ssh/ssh.go](./example/ssh/ssh.go) [embedmd]:# (example/ssh/ssh.go go) ```go package main import ( "fmt" "time" "github.com/appleboy/easyssh-proxy" ) func main() { // Create MakeConfig instance with remote username, server address and path to private key. ssh := &easyssh.MakeConfig{ User: "appleboy", Server: "example.com", // Optional key or Password without either we try to contact your agent SOCKET // Password: "password", // Paste your source content of private key // Key: `-----BEGIN RSA PRIVATE KEY----- // MIIEpAIBAAKCAQEA4e2D/qPN08pzTac+a8ZmlP1ziJOXk45CynMPtva0rtK/RB26 // 7XC9wlRna4b3Ln8ew3q1ZcBjXwD4ppbTlmwAfQIaZTGJUgQbdsO9YA== // -----END RSA PRIVATE KEY----- // `, KeyPath: "/Users/username/.ssh/id_rsa", Port: "22", Timeout: 60 * time.Second, // Parse PrivateKey With Passphrase Passphrase: "1234", // Optional fingerprint SHA256 verification // Get Fingerprint: ssh.FingerprintSHA256(key) // Fingerprint: "SHA256:mVPwvezndPv/ARoIadVY98vAC0g+P/5633yTC4d/wXE" // Enable the use of insecure ciphers and key exchange methods. // This enables the use of the the following insecure ciphers and key exchange methods: // - aes128-cbc // - aes192-cbc // - aes256-cbc // - 3des-cbc // - diffie-hellman-group-exchange-sha256 // - diffie-hellman-group-exchange-sha1 // Those algorithms are insecure and may allow plaintext data to be recovered by an attacker. // UseInsecureCipher: true, } // Call Run method with command you want to run on remote server. stdout, stderr, done, err := ssh.Run("ls -al", 60*time.Second) // Handle errors if err != nil { panic("Can't run remote command: " + err.Error()) } else { fmt.Println("don is :", done, "stdout is :", stdout, "; stderr is :", stderr) } } ``` ### scp See [example/scp/scp.go](./example/scp/scp.go) [embedmd]:# (example/scp/scp.go go) ```go package main import ( "fmt" "github.com/appleboy/easyssh-proxy" ) func main() { // Create MakeConfig instance with remote username, server address and path to private key. ssh := &easyssh.MakeConfig{ User: "appleboy", Server: "example.com", Password: "123qwe", Port: "22", } // Call Scp method with file you want to upload to remote server. // Please make sure the `tmp` floder exists. err := ssh.Scp("/root/source.csv", "/tmp/target.csv") // Handle errors if err != nil { panic("Can't run remote command: " + err.Error()) } else { fmt.Println("success") } } ``` ### SSH ProxyCommand See [example/proxy/proxy.go](./example/proxy/proxy.go) [embedmd]:# (example/proxy/proxy.go go /\tssh :=/ /\t}$/) ```go ssh := &easyssh.MakeConfig{ User: "drone-scp", Server: "localhost", Port: "22", KeyPath: "./tests/.ssh/id_rsa", Proxy: easyssh.DefaultConfig{ User: "drone-scp", Server: "localhost", Port: "22", KeyPath: "./tests/.ssh/id_rsa", }, } ``` ### SSH Stream Log See [example/stream/stream.go](./example/stream/stream.go) [embedmd]:# (example/stream/stream.go go /func/ /^}$/) ```go func main() { // Create MakeConfig instance with remote username, server address and path to private key. ssh := &easyssh.MakeConfig{ Server: "localhost", User: "drone-scp", KeyPath: "./tests/.ssh/id_rsa", Port: "22", Timeout: 60 * time.Second, } // Call Run method with command you want to run on remote server. stdoutChan, stderrChan, doneChan, errChan, err := ssh.Stream("for i in {1..5}; do echo ${i}; sleep 1; done; exit 2;", 60*time.Second) // Handle errors if err != nil { panic("Can't run remote command: " + err.Error()) } else { // read from the output channel until the done signal is passed isTimeout := true loop: for { select { case isTimeout = <-doneChan: break loop case outline := <-stdoutChan: fmt.Println("out:", outline) case errline := <-stderrChan: fmt.Println("err:", errline) case err = <-errChan: } } // get exit code or command error. if err != nil { fmt.Println("err: " + err.Error()) } // command time out if !isTimeout { fmt.Println("Error: command timeout") } } } ``` easyssh-proxy-1.5.0/easyssh.go000066400000000000000000000316671454442226000164010ustar00rootroot00000000000000// Package easyssh provides a simple implementation of some SSH protocol // features in Go. You can simply run a command on a remote server or get a file // even simpler than native console SSH client. You don't need to think about // Dials, sessions, defers, or public keys... Let easyssh think about it! package easyssh import ( "bufio" "fmt" "io" "log" "net" "os" "path/filepath" "sync" "time" "github.com/ScaleFT/sshkeys" "golang.org/x/crypto/ssh" "golang.org/x/crypto/ssh/agent" ) var defaultTimeout = 60 * time.Second type Protocol string const ( PROTOCOL_TCP Protocol = "tcp" PROTOCOL_TCP4 Protocol = "tcp4" PROTOCOL_TCP6 Protocol = "tcp6" ) type ( // MakeConfig Contains main authority information. // User field should be a name of user on remote server (ex. john in ssh john@example.com). // Server field should be a remote machine address (ex. example.com in ssh john@example.com) // Key is a path to private key on your local machine. // Port is SSH server port on remote machine. // Note: easyssh looking for private key in user's home directory (ex. /home/john + Key). // Then ensure your Key begins from '/' (ex. /.ssh/id_rsa) MakeConfig struct { User string Server string Key string KeyPath string Port string Protocol Protocol Passphrase string Password string Timeout time.Duration Proxy DefaultConfig Ciphers []string KeyExchanges []string Fingerprint string // Enable the use of insecure ciphers and key exchange methods. // This enables the use of the the following insecure ciphers and key exchange methods: // - aes128-cbc // - aes192-cbc // - aes256-cbc // - 3des-cbc // - diffie-hellman-group-exchange-sha256 // - diffie-hellman-group-exchange-sha1 // Those algorithms are insecure and may allow plaintext data to be recovered by an attacker. UseInsecureCipher bool // RequestPty requests a pseudo-terminal from the server. RequestPty bool } // DefaultConfig for ssh proxy config DefaultConfig struct { User string Server string Key string KeyPath string Port string Protocol Protocol Passphrase string Password string Timeout time.Duration Ciphers []string KeyExchanges []string Fingerprint string // Enable the use of insecure ciphers and key exchange methods. // This enables the use of the the following insecure ciphers and key exchange methods: // - aes128-cbc // - aes192-cbc // - aes256-cbc // - 3des-cbc // - diffie-hellman-group-exchange-sha256 // - diffie-hellman-group-exchange-sha1 // Those algorithms are insecure and may allow plaintext data to be recovered by an attacker. UseInsecureCipher bool } ) // returns ssh.Signer from user you running app home path + cutted key path. // (ex. pubkey,err := getKeyFile("/.ssh/id_rsa") ) func getKeyFile(keypath, passphrase string) (ssh.Signer, error) { var pubkey ssh.Signer var err error buf, err := os.ReadFile(keypath) if err != nil { return nil, err } if passphrase != "" { pubkey, err = sshkeys.ParseEncryptedPrivateKey(buf, []byte(passphrase)) } else { pubkey, err = ssh.ParsePrivateKey(buf) } if err != nil { return nil, err } return pubkey, nil } // returns *ssh.ClientConfig and io.Closer. // if io.Closer is not nil, io.Closer.Close() should be called when // *ssh.ClientConfig is no longer used. func getSSHConfig(config DefaultConfig) (*ssh.ClientConfig, io.Closer) { var sshAgent io.Closer // auths holds the detected ssh auth methods auths := []ssh.AuthMethod{} // figure out what auths are requested, what is supported if config.Password != "" { auths = append(auths, ssh.Password(config.Password)) } if config.KeyPath != "" { if pubkey, err := getKeyFile(config.KeyPath, config.Passphrase); err != nil { log.Printf("getKeyFile error: %v\n", err) } else { auths = append(auths, ssh.PublicKeys(pubkey)) } } if config.Key != "" { var signer ssh.Signer var err error if config.Passphrase != "" { signer, err = sshkeys.ParseEncryptedPrivateKey([]byte(config.Key), []byte(config.Passphrase)) } else { signer, err = ssh.ParsePrivateKey([]byte(config.Key)) } if err != nil { log.Printf("ssh.ParsePrivateKey: %v\n", err) } else { auths = append(auths, ssh.PublicKeys(signer)) } } if sshAgent, err := net.Dial("unix", os.Getenv("SSH_AUTH_SOCK")); err == nil { auths = append(auths, ssh.PublicKeysCallback(agent.NewClient(sshAgent).Signers)) } c := ssh.Config{} if config.UseInsecureCipher { c.SetDefaults() c.Ciphers = append(c.Ciphers, "aes128-cbc", "aes192-cbc", "aes256-cbc", "3des-cbc") c.KeyExchanges = append(c.KeyExchanges, "diffie-hellman-group-exchange-sha1", "diffie-hellman-group-exchange-sha256") } if len(config.Ciphers) > 0 { c.Ciphers = append(c.Ciphers, config.Ciphers...) } if len(config.KeyExchanges) > 0 { c.KeyExchanges = append(c.KeyExchanges, config.KeyExchanges...) } hostKeyCallback := ssh.InsecureIgnoreHostKey() if config.Fingerprint != "" { hostKeyCallback = func(hostname string, remote net.Addr, publicKey ssh.PublicKey) error { if ssh.FingerprintSHA256(publicKey) != config.Fingerprint { return fmt.Errorf("ssh: host key fingerprint mismatch") } return nil } } return &ssh.ClientConfig{ Config: c, Timeout: config.Timeout, User: config.User, Auth: auths, HostKeyCallback: hostKeyCallback, }, sshAgent } // Connect to remote server using MakeConfig struct and returns *ssh.Session func (ssh_conf *MakeConfig) Connect() (*ssh.Session, *ssh.Client, error) { var client *ssh.Client var err error // Default protocol is: tcp. if ssh_conf.Protocol == "" { ssh_conf.Protocol = PROTOCOL_TCP } if ssh_conf.Proxy.Protocol == "" { ssh_conf.Proxy.Protocol = PROTOCOL_TCP } targetConfig, closer := getSSHConfig(DefaultConfig{ User: ssh_conf.User, Key: ssh_conf.Key, KeyPath: ssh_conf.KeyPath, Passphrase: ssh_conf.Passphrase, Password: ssh_conf.Password, Timeout: ssh_conf.Timeout, Ciphers: ssh_conf.Ciphers, KeyExchanges: ssh_conf.KeyExchanges, Fingerprint: ssh_conf.Fingerprint, UseInsecureCipher: ssh_conf.UseInsecureCipher, }) if closer != nil { defer closer.Close() } // Enable proxy command if ssh_conf.Proxy.Server != "" { proxyConfig, closer := getSSHConfig(DefaultConfig{ User: ssh_conf.Proxy.User, Key: ssh_conf.Proxy.Key, KeyPath: ssh_conf.Proxy.KeyPath, Passphrase: ssh_conf.Proxy.Passphrase, Password: ssh_conf.Proxy.Password, Timeout: ssh_conf.Proxy.Timeout, Ciphers: ssh_conf.Proxy.Ciphers, KeyExchanges: ssh_conf.Proxy.KeyExchanges, Fingerprint: ssh_conf.Proxy.Fingerprint, UseInsecureCipher: ssh_conf.Proxy.UseInsecureCipher, }) if closer != nil { defer closer.Close() } proxyClient, err := ssh.Dial(string(ssh_conf.Proxy.Protocol), net.JoinHostPort(ssh_conf.Proxy.Server, ssh_conf.Proxy.Port), proxyConfig) if err != nil { return nil, nil, err } conn, err := proxyClient.Dial(string(ssh_conf.Protocol), net.JoinHostPort(ssh_conf.Server, ssh_conf.Port)) if err != nil { return nil, nil, err } ncc, chans, reqs, err := ssh.NewClientConn(conn, net.JoinHostPort(ssh_conf.Server, ssh_conf.Port), targetConfig) if err != nil { return nil, nil, err } client = ssh.NewClient(ncc, chans, reqs) } else { client, err = ssh.Dial(string(ssh_conf.Protocol), net.JoinHostPort(ssh_conf.Server, ssh_conf.Port), targetConfig) if err != nil { return nil, nil, err } } session, err := client.NewSession() if err != nil { return nil, nil, err } // Request a pseudo-terminal if this option is set if ssh_conf.RequestPty { modes := ssh.TerminalModes{ ssh.ECHO: 0, // disable echoing ssh.TTY_OP_ISPEED: 14400, // input speed = 14.4kbaud ssh.TTY_OP_OSPEED: 14400, // output speed = 14.4kbaud } if err := session.RequestPty("xterm", 80, 40, modes); err != nil { session.Close() return nil, nil, err } } return session, client, nil } // Stream returns one channel that combines the stdout and stderr of the command // as it is run on the remote machine, and another that sends true when the // command is done. The sessions and channels will then be closed. func (ssh_conf *MakeConfig) Stream(command string, timeout ...time.Duration) (<-chan string, <-chan string, <-chan bool, <-chan error, error) { // continuously send the command's output over the channel stdoutChan := make(chan string) stderrChan := make(chan string) doneChan := make(chan bool) errChan := make(chan error) // connect to remote host session, client, err := ssh_conf.Connect() if err != nil { return stdoutChan, stderrChan, doneChan, errChan, err } // defer session.Close() // connect to both outputs (they are of type io.Reader) outReader, err := session.StdoutPipe() if err != nil { client.Close() session.Close() return stdoutChan, stderrChan, doneChan, errChan, err } errReader, err := session.StderrPipe() if err != nil { client.Close() session.Close() return stdoutChan, stderrChan, doneChan, errChan, err } err = session.Start(command) if err != nil { client.Close() session.Close() return stdoutChan, stderrChan, doneChan, errChan, err } // combine outputs, create a line-by-line scanner stdoutReader := io.MultiReader(outReader) stderrReader := io.MultiReader(errReader) stdoutScanner := bufio.NewScanner(stdoutReader) stderrScanner := bufio.NewScanner(stderrReader) go func(stdoutScanner, stderrScanner *bufio.Scanner, stdoutChan, stderrChan chan string, doneChan chan bool, errChan chan error) { defer close(doneChan) defer close(errChan) defer client.Close() defer session.Close() // default timeout value executeTimeout := defaultTimeout if len(timeout) > 0 { executeTimeout = timeout[0] } timeoutChan := time.After(executeTimeout) res := make(chan struct{}, 1) var resWg sync.WaitGroup resWg.Add(2) go func() { defer close(stdoutChan) for stdoutScanner.Scan() { stdoutChan <- stdoutScanner.Text() } resWg.Done() }() go func() { defer close(stderrChan) for stderrScanner.Scan() { stderrChan <- stderrScanner.Text() } resWg.Done() }() go func() { resWg.Wait() // close all of our open resources res <- struct{}{} }() select { case <-res: errChan <- session.Wait() doneChan <- true case <-timeoutChan: errChan <- fmt.Errorf("Run Command Timeout") doneChan <- false } }(stdoutScanner, stderrScanner, stdoutChan, stderrChan, doneChan, errChan) return stdoutChan, stderrChan, doneChan, errChan, err } // Run command on remote machine and returns its stdout as a string func (ssh_conf *MakeConfig) Run(command string, timeout ...time.Duration) (outStr string, errStr string, isTimeout bool, err error) { stdoutChan, stderrChan, doneChan, errChan, err := ssh_conf.Stream(command, timeout...) if err != nil { return outStr, errStr, isTimeout, err } // read from the output channel until the done signal is passed loop: for { select { case isTimeout = <-doneChan: break loop case outline, ok := <-stdoutChan: if !ok { stdoutChan = nil } if outline != "" { outStr += outline + "\n" } case errline, ok := <-stderrChan: if !ok { stderrChan = nil } if errline != "" { errStr += errline + "\n" } case err = <-errChan: } } // return the concatenation of all signals from the output channel return outStr, errStr, isTimeout, err } // WriteFile reads size bytes from the reader and writes them to a file on the remote machine func (ssh_conf *MakeConfig) WriteFile(reader io.Reader, size int64, etargetFile string) error { session, client, err := ssh_conf.Connect() if err != nil { return err } defer client.Close() defer session.Close() targetFile := filepath.Base(etargetFile) w, err := session.StdinPipe() if err != nil { return err } copyF := func() error { _, err := fmt.Fprintln(w, "C0644", size, targetFile) if err != nil { return err } if size > 0 { _, err = io.Copy(w, reader) if err != nil { return err } } _, err = fmt.Fprint(w, "\x00") if err != nil { return err } return nil } copyErrC := make(chan error, 1) go func() { defer w.Close() copyErrC <- copyF() }() err = session.Run(fmt.Sprintf("scp -tr %s", etargetFile)) if err != nil { return err } err = <-copyErrC return err } // Scp uploads sourceFile to remote machine like native scp console app. func (ssh_conf *MakeConfig) Scp(sourceFile string, etargetFile string) error { session, client, err := ssh_conf.Connect() if err != nil { return err } defer client.Close() defer session.Close() src, srcErr := os.Open(sourceFile) if srcErr != nil { return srcErr } defer src.Close() srcStat, statErr := src.Stat() if statErr != nil { return statErr } return ssh_conf.WriteFile(src, srcStat.Size(), etargetFile) } easyssh-proxy-1.5.0/easyssh_test.go000066400000000000000000000266701454442226000174360ustar00rootroot00000000000000package easyssh import ( "os" "os/user" "path" "testing" "time" "github.com/stretchr/testify/assert" "golang.org/x/crypto/ssh" ) func getHostPublicKeyFile(keypath string) (ssh.PublicKey, error) { var pubkey ssh.PublicKey var err error buf, err := os.ReadFile(keypath) if err != nil { return nil, err } pubkey, _, _, _, err = ssh.ParseAuthorizedKey(buf) if err != nil { return nil, err } return pubkey, nil } func TestGetKeyFile(t *testing.T) { // missing file _, err := getKeyFile("abc", "") assert.Error(t, err) assert.Equal(t, "open abc: no such file or directory", err.Error()) // wrong format _, err = getKeyFile("./tests/.ssh/id_rsa.pub", "") assert.Error(t, err) assert.Equal(t, "ssh: no key found", err.Error()) _, err = getKeyFile("./tests/.ssh/id_rsa", "") assert.NoError(t, err) _, err = getKeyFile("./tests/.ssh/test", "1234") assert.NoError(t, err) } func TestRunCommandWithFingerprint(t *testing.T) { // wrong fingerprint sshConf := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", KeyPath: "./tests/.ssh/id_rsa", Fingerprint: "wrong", } outStr, errStr, isTimeout, err := sshConf.Run("whoami", 10) assert.Equal(t, "", outStr) assert.Equal(t, "", errStr) assert.False(t, isTimeout) assert.Error(t, err) hostKey, err := getHostPublicKeyFile("/etc/ssh/ssh_host_rsa_key.pub") assert.NoError(t, err) sshConf = &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", KeyPath: "./tests/.ssh/id_rsa", Fingerprint: ssh.FingerprintSHA256(hostKey), } outStr, errStr, isTimeout, err = sshConf.Run("whoami") assert.Equal(t, "drone-scp\n", outStr) assert.Equal(t, "", errStr) assert.True(t, isTimeout) assert.NoError(t, err) } func TestPrivateKeyAndPassword(t *testing.T) { // provide password and ssh private key ssh := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", Password: "1234", KeyPath: "./tests/.ssh/id_rsa", } outStr, errStr, isTimeout, err := ssh.Run("whoami") assert.Equal(t, "drone-scp\n", outStr) assert.Equal(t, "", errStr) assert.True(t, isTimeout) assert.NoError(t, err) // provide correct password and wrong private key ssh = &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", Password: "1234", KeyPath: "./tests/.ssh/id_rsa.pub", } outStr, errStr, isTimeout, err = ssh.Run("whoami") assert.Equal(t, "drone-scp\n", outStr) assert.Equal(t, "", errStr) assert.True(t, isTimeout) assert.NoError(t, err) // provide wrong password and correct private key ssh = &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", Password: "123456", KeyPath: "./tests/.ssh/id_rsa", } outStr, errStr, isTimeout, err = ssh.Run("whoami") assert.Equal(t, "drone-scp\n", outStr) assert.Equal(t, "", errStr) assert.True(t, isTimeout) assert.NoError(t, err) } func TestRunCommand(t *testing.T) { // wrong key ssh := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", KeyPath: "./tests/.ssh/id_rsa.pub", } outStr, errStr, isTimeout, err := ssh.Run("whoami", 10) assert.Equal(t, "", outStr) assert.Equal(t, "", errStr) assert.False(t, isTimeout) assert.Error(t, err) ssh = &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", KeyPath: "./tests/.ssh/id_rsa", } outStr, errStr, isTimeout, err = ssh.Run("whoami") assert.Equal(t, "drone-scp\n", outStr) assert.Equal(t, "", errStr) assert.True(t, isTimeout) assert.NoError(t, err) // error message: not found outStr, errStr, isTimeout, err = ssh.Run("whoami1234") assert.Equal(t, "", outStr) assert.Equal(t, "sh: whoami1234: not found\n", errStr) assert.True(t, isTimeout) // Process exited with status 127 assert.Error(t, err) // error message: Run Command Timeout outStr, errStr, isTimeout, err = ssh.Run("sleep 2", 1*time.Second) assert.Equal(t, "", outStr) assert.Equal(t, "", errStr) assert.False(t, isTimeout) assert.Error(t, err) assert.Equal(t, "Run Command Timeout", err.Error()) // test exit code outStr, errStr, isTimeout, err = ssh.Run("exit 1") assert.Equal(t, "", outStr) assert.Equal(t, "", errStr) assert.True(t, isTimeout) // Process exited with status 1 assert.Error(t, err) } func TestSCPCommand(t *testing.T) { // wrong key ssh := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", KeyPath: "./tests/.ssh/id_rsa.pub", } err := ssh.Scp("./tests/a.txt", "a.txt") assert.Error(t, err) ssh = &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", KeyPath: "./tests/.ssh/id_rsa", } err = ssh.Scp("./tests/a.txt", "a.txt") assert.NoError(t, err) u, err := user.Lookup("drone-scp") if err != nil { t.Fatalf("Lookup: %v", err) } // check file exist if _, err := os.Stat(path.Join(u.HomeDir, "a.txt")); os.IsNotExist(err) { t.Fatalf("SCP-error: %v", err) } } func TestSCPCommandWithKey(t *testing.T) { ssh := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", Key: `-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEA4e2D/qPN08pzTac+a8ZmlP1ziJOXk45CynMPtva0rtK/RB26 VbfAF0hIJji7ltvnYnqCU9oFfvEM33cTn7T96+od8ib/Vz25YU8ZbstqtIskPuwC bv3K0mAHgsviJyRD7yM+QKTbBQEgbGuW6gtbMKhiYfiIB4Dyj7AdS/fk3v26wDgz 7SHI5OBqu9bv1KhxQYdFEnU3PAtAqeccgzNpbH3eYLyGzuUxEIJlhpZ/uU2G9ppj /cSrONVPiI8Ahi4RrlZjmP5l57/sq1ClGulyLpFcMw68kP5FikyqHpHJHRBNgU57 1y0Ph33SjBbs0haCIAcmreWEhGe+/OXnJe6VUQIDAQABAoIBAH97emORIm9DaVSD 7mD6DqA7c5m5Tmpgd6eszU08YC/Vkz9oVuBPUwDQNIX8tT0m0KVs42VVPIyoj874 bgZMJoucC1G8V5Bur9AMxhkShx9g9A7dNXJTmsKilRpk2TOk7wBdLp9jZoKoZBdJ jlp6FfaazQjjKD6zsCsMATwAoRCBpBNsmT6QDN0n0bIgY0tE6YGQaDdka0dAv68G R0VZrcJ9voT6+f+rgJLoojn2DAu6iXaM99Gv8FK91YCymbQlXXgrk6CyS0IHexN7 V7a3k767KnRbrkqd3o6JyNun/CrUjQwHs1IQH34tvkWScbseRaFehcAm6mLT93RP muauvMECgYEA9AXGtfDMse0FhvDPZx4mx8x+vcfsLvDHcDLkf/lbyPpu97C27b/z ia07bu5TAXesUZrWZtKA5KeRE5doQSdTOv1N28BEr8ZwzDJwfn0DPUYUOxsN2iIy MheO5A45Ko7bjKJVkZ61Mb1UxtqCTF9mqu9R3PBdJGthWOd+HUvF460CgYEA7QRf Z8+vpGA+eSuu29e0xgRKnRzed5zXYpcI4aERc3JzBgO4Z0er9G8l66OWVGdMfpe6 CBajC5ToIiT8zqoYxXwqJgN+glir4gJe3mm8J703QfArZiQrdk0NTi5bY7+vLLG/ knTrtpdsKih6r3kjhuPPaAsIwmMxIydFvATKjLUCgYEAh/y4EihRSk5WKC8GxeZt oiZ58vT4z+fqnMIfyJmD5up48JuQNcokw/LADj/ODiFM7GUnWkGxBrvDA3H67WQm 49bJjs8E+BfUQFdTjYnJRlpJZ+7Zt1gbNQMf5ENw5CCchTDqEq6pN0DVf8PBnSIF KvkXW9KvdV5J76uCAn15mDkCgYA1y8dHzbjlCz9Cy2pt1aDfTPwOew33gi7U3skS RTerx29aDyAcuQTLfyrROBkX4TZYiWGdEl5Bc7PYhCKpWawzrsH2TNa7CRtCOh2E R+V/84+GNNf04ALJYCXD9/ugQVKmR1XfDRCvKeFQFE38Y/dvV2etCswbKt5tRy2p xkCe/QKBgQCkLqafD4S20YHf6WTp3jp/4H/qEy2X2a8gdVVBi1uKkGDXr0n+AoVU ib4KbP5ovZlrjL++akMQ7V2fHzuQIFWnCkDA5c2ZAqzlM+ZN+HRG7gWur7Bt4XH1 7XC9wlRna4b3Ln8ew3q1ZcBjXwD4ppbTlmwAfQIaZTGJUgQbdsO9YA== -----END RSA PRIVATE KEY----- `, } // source file not found err := ssh.Scp("./tests/test.txt", "a.txt") assert.Error(t, err) // target file not found ex: appleboy folder not found err = ssh.Scp("./tests/a.txt", "/appleboy/a.txt") assert.Error(t, err) err = ssh.Scp("./tests/a.txt", "a.txt") assert.NoError(t, err) u, err := user.Lookup("drone-scp") if err != nil { t.Fatalf("Lookup: %v", err) } // check file exist if _, err := os.Stat(path.Join(u.HomeDir, "a.txt")); os.IsNotExist(err) { t.Fatalf("SCP-error: %v", err) } } func TestProxyClient(t *testing.T) { ssh := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", Password: "1234", Proxy: DefaultConfig{ User: "drone-scp", Server: "localhost", Port: "22", Password: "123456", }, } // password of proxy client is incorrect. // can't connect proxy server session, client, err := ssh.Connect() assert.Nil(t, session) assert.Nil(t, client) assert.Error(t, err) ssh = &MakeConfig{ Server: "www.che.ccu.edu.tw", User: "drone-scp", Port: "228", Password: "123456", Proxy: DefaultConfig{ User: "drone-scp", Server: "localhost", Port: "22", KeyPath: "./tests/.ssh/id_rsa", }, } // proxy client can't dial to target server session, client, err = ssh.Connect() assert.Nil(t, session) assert.Nil(t, client) assert.Error(t, err) ssh = &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", Password: "123456", Proxy: DefaultConfig{ User: "drone-scp", Server: "localhost", Port: "22", KeyPath: "./tests/.ssh/id_rsa", }, } // proxy client can't create new client connection of target session, client, err = ssh.Connect() assert.Nil(t, session) assert.Nil(t, client) assert.Error(t, err) ssh = &MakeConfig{ User: "drone-scp", Server: "localhost", Port: "22", KeyPath: "./tests/.ssh/id_rsa", Proxy: DefaultConfig{ User: "drone-scp", Server: "localhost", Port: "22", KeyPath: "./tests/.ssh/id_rsa", }, } session, client, err = ssh.Connect() assert.NotNil(t, session) assert.NotNil(t, client) assert.NoError(t, err) } func TestProxyClientSSHCommand(t *testing.T) { ssh := &MakeConfig{ User: "drone-scp", Server: "localhost", Port: "22", KeyPath: "./tests/.ssh/id_rsa", Proxy: DefaultConfig{ User: "drone-scp", Server: "localhost", Port: "22", KeyPath: "./tests/.ssh/id_rsa", }, } outStr, errStr, isTimeout, err := ssh.Run("whoami") assert.Equal(t, "drone-scp\n", outStr) assert.Equal(t, "", errStr) assert.True(t, isTimeout) assert.NoError(t, err) } func TestSCPCommandWithPassword(t *testing.T) { ssh := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", Password: "1234", Timeout: 60 * time.Second, } err := ssh.Scp("./tests/b.txt", "b.txt") assert.NoError(t, err) u, err := user.Lookup("drone-scp") if err != nil { t.Fatalf("Lookup: %v", err) } // check file exist if _, err := os.Stat(path.Join(u.HomeDir, "b.txt")); os.IsNotExist(err) { t.Fatalf("SCP-error: %v", err) } } func TestWrongRawKey(t *testing.T) { // wrong key ssh := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", Key: "appleboy", } outStr, errStr, isTimeout, err := ssh.Run("whoami") assert.Equal(t, "", outStr) assert.Equal(t, "", errStr) assert.False(t, isTimeout) assert.Error(t, err) } func TestExitCode(t *testing.T) { ssh := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", KeyPath: "./tests/.ssh/id_rsa", Timeout: 60 * time.Second, } outStr, errStr, isTimeout, err := ssh.Run("set -e;echo 1; mkdir a;mkdir a;echo 2") assert.Equal(t, "1\n", outStr) assert.Equal(t, "mkdir: can't create directory 'a': File exists\n", errStr) assert.True(t, isTimeout) assert.Error(t, err) } func TestSSHWithPassphrase(t *testing.T) { ssh := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", KeyPath: "./tests/.ssh/test", Passphrase: "1234", Timeout: 60 * time.Second, } outStr, errStr, isTimeout, err := ssh.Run("set -e;echo 1; mkdir test1234;mkdir test1234;echo 2") assert.Equal(t, "1\n", outStr) assert.Equal(t, "mkdir: can't create directory 'test1234': File exists\n", errStr) assert.True(t, isTimeout) assert.Error(t, err) } func TestSCPCommandUseInsecureCipher(t *testing.T) { ssh := &MakeConfig{ Server: "localhost", User: "drone-scp", Port: "22", KeyPath: "./tests/.ssh/id_rsa", UseInsecureCipher: true, } err := ssh.Scp("./tests/a.txt", "a.txt") assert.NoError(t, err) u, err := user.Lookup("drone-scp") if err != nil { t.Fatalf("Lookup: %v", err) } // check file exist if _, err := os.Stat(path.Join(u.HomeDir, "a.txt")); os.IsNotExist(err) { t.Fatalf("SCP-error: %v", err) } } easyssh-proxy-1.5.0/example/000077500000000000000000000000001454442226000160115ustar00rootroot00000000000000easyssh-proxy-1.5.0/example/proxy/000077500000000000000000000000001454442226000171725ustar00rootroot00000000000000easyssh-proxy-1.5.0/example/proxy/proxy.go000066400000000000000000000013141454442226000207010ustar00rootroot00000000000000package main import ( "fmt" "github.com/appleboy/easyssh-proxy" ) func main() { // Create MakeConfig instance with remote username, server address and path to private key. ssh := &easyssh.MakeConfig{ User: "drone-scp", Server: "localhost", Port: "22", KeyPath: "./tests/.ssh/id_rsa", Proxy: easyssh.DefaultConfig{ User: "drone-scp", Server: "localhost", Port: "22", KeyPath: "./tests/.ssh/id_rsa", }, } // Call Scp method with file you want to upload to remote server. // Please make sure the `tmp` floder exists. err := ssh.Scp("/root/source.csv", "/tmp/target.csv") if err != nil { panic("Can't run remote command: " + err.Error()) } fmt.Println("success") } easyssh-proxy-1.5.0/example/scp/000077500000000000000000000000001454442226000165765ustar00rootroot00000000000000easyssh-proxy-1.5.0/example/scp/scp.go000066400000000000000000000011121454442226000177050ustar00rootroot00000000000000package main import ( "fmt" "github.com/appleboy/easyssh-proxy" ) func main() { // Create MakeConfig instance with remote username, server address and path to private key. ssh := &easyssh.MakeConfig{ User: "appleboy", Server: "example.com", Password: "123qwe", Port: "22", } // Call Scp method with file you want to upload to remote server. // Please make sure the `tmp` floder exists. err := ssh.Scp("/root/source.csv", "/tmp/target.csv") // Handle errors if err != nil { panic("Can't run remote command: " + err.Error()) } fmt.Println("success") } easyssh-proxy-1.5.0/example/ssh/000077500000000000000000000000001454442226000166065ustar00rootroot00000000000000easyssh-proxy-1.5.0/example/ssh/ssh.go000066400000000000000000000032411454442226000177320ustar00rootroot00000000000000package main import ( "fmt" "time" "github.com/appleboy/easyssh-proxy" ) func main() { // Create MakeConfig instance with remote username, server address and path to private key. ssh := &easyssh.MakeConfig{ User: "appleboy", Server: "example.com", // Optional key or Password without either we try to contact your agent SOCKET // Password: "password", // Paste your source content of private key // Key: `-----BEGIN RSA PRIVATE KEY----- // MIIEpAIBAAKCAQEA4e2D/qPN08pzTac+a8ZmlP1ziJOXk45CynMPtva0rtK/RB26 // 7XC9wlRna4b3Ln8ew3q1ZcBjXwD4ppbTlmwAfQIaZTGJUgQbdsO9YA== // -----END RSA PRIVATE KEY----- // `, KeyPath: "/Users/username/.ssh/id_rsa", Port: "22", Timeout: 60 * time.Second, // Parse PrivateKey With Passphrase Passphrase: "1234", // Optional fingerprint SHA256 verification // Get Fingerprint: ssh.FingerprintSHA256(key) // Fingerprint: "SHA256:mVPwvezndPv/ARoIadVY98vAC0g+P/5633yTC4d/wXE" // Enable the use of insecure ciphers and key exchange methods. // This enables the use of the the following insecure ciphers and key exchange methods: // - aes128-cbc // - aes192-cbc // - aes256-cbc // - 3des-cbc // - diffie-hellman-group-exchange-sha256 // - diffie-hellman-group-exchange-sha1 // Those algorithms are insecure and may allow plaintext data to be recovered by an attacker. // UseInsecureCipher: true, } // Call Run method with command you want to run on remote server. stdout, stderr, done, err := ssh.Run("ls -al", 60*time.Second) // Handle errors if err != nil { panic("Can't run remote command: " + err.Error()) } fmt.Println("don is :", done, "stdout is :", stdout, "; stderr is :", stderr) } easyssh-proxy-1.5.0/example/stream/000077500000000000000000000000001454442226000173045ustar00rootroot00000000000000easyssh-proxy-1.5.0/example/stream/stream.go000066400000000000000000000021431454442226000211260ustar00rootroot00000000000000package main import ( "fmt" "time" "github.com/appleboy/easyssh-proxy" ) func main() { // Create MakeConfig instance with remote username, server address and path to private key. ssh := &easyssh.MakeConfig{ Server: "localhost", User: "drone-scp", KeyPath: "./tests/.ssh/id_rsa", Port: "22", Timeout: 60 * time.Second, } // Call Run method with command you want to run on remote server. stdoutChan, stderrChan, doneChan, errChan, err := ssh.Stream("for i in {1..5}; do echo ${i}; sleep 1; done; exit 2;", 60*time.Second) // Handle errors if err != nil { panic("Can't run remote command: " + err.Error()) } // read from the output channel until the done signal is passed isTimeout := true loop: for { select { case isTimeout = <-doneChan: break loop case outline := <-stdoutChan: fmt.Println("out:", outline) case errline := <-stderrChan: fmt.Println("err:", errline) case err = <-errChan: } } // get exit code or command error. if err != nil { panic("err: " + err.Error()) } // command time out if !isTimeout { fmt.Println("Error: command timeout") } } easyssh-proxy-1.5.0/go.mod000066400000000000000000000006531454442226000154700ustar00rootroot00000000000000module github.com/appleboy/easyssh-proxy go 1.18 require ( github.com/ScaleFT/sshkeys v1.2.0 github.com/stretchr/testify v1.8.4 golang.org/x/crypto v0.17.0 ) require ( github.com/davecgh/go-spew v1.1.1 // indirect github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a // indirect github.com/pmezard/go-difflib v1.0.0 // indirect golang.org/x/sys v0.15.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) easyssh-proxy-1.5.0/go.sum000066400000000000000000000052721454442226000155170ustar00rootroot00000000000000github.com/ScaleFT/sshkeys v1.2.0 h1:5BRp6rTVIhJzXT3VcUQrKgXR8zWA3sOsNeuyW15WUA8= github.com/ScaleFT/sshkeys v1.2.0/go.mod h1:gxOHeajFfvGQh/fxlC8oOKBe23xnnJTif00IFFbiT+o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a h1:saTgr5tMLFnmy/yg3qDTft4rE5DY2uJ/cCxCe3q0XTU= github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a/go.mod h1:Bw9BbhOJVNR+t0jCqx2GC6zv0TGBsShs56Y3gfSCvl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200219091948-cb0a6d8edb6c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= easyssh-proxy-1.5.0/tests/000077500000000000000000000000001454442226000155205ustar00rootroot00000000000000easyssh-proxy-1.5.0/tests/.ssh/000077500000000000000000000000001454442226000163735ustar00rootroot00000000000000easyssh-proxy-1.5.0/tests/.ssh/id_rsa000066400000000000000000000032171454442226000175620ustar00rootroot00000000000000-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEA4e2D/qPN08pzTac+a8ZmlP1ziJOXk45CynMPtva0rtK/RB26 VbfAF0hIJji7ltvnYnqCU9oFfvEM33cTn7T96+od8ib/Vz25YU8ZbstqtIskPuwC bv3K0mAHgsviJyRD7yM+QKTbBQEgbGuW6gtbMKhiYfiIB4Dyj7AdS/fk3v26wDgz 7SHI5OBqu9bv1KhxQYdFEnU3PAtAqeccgzNpbH3eYLyGzuUxEIJlhpZ/uU2G9ppj /cSrONVPiI8Ahi4RrlZjmP5l57/sq1ClGulyLpFcMw68kP5FikyqHpHJHRBNgU57 1y0Ph33SjBbs0haCIAcmreWEhGe+/OXnJe6VUQIDAQABAoIBAH97emORIm9DaVSD 7mD6DqA7c5m5Tmpgd6eszU08YC/Vkz9oVuBPUwDQNIX8tT0m0KVs42VVPIyoj874 bgZMJoucC1G8V5Bur9AMxhkShx9g9A7dNXJTmsKilRpk2TOk7wBdLp9jZoKoZBdJ jlp6FfaazQjjKD6zsCsMATwAoRCBpBNsmT6QDN0n0bIgY0tE6YGQaDdka0dAv68G R0VZrcJ9voT6+f+rgJLoojn2DAu6iXaM99Gv8FK91YCymbQlXXgrk6CyS0IHexN7 V7a3k767KnRbrkqd3o6JyNun/CrUjQwHs1IQH34tvkWScbseRaFehcAm6mLT93RP muauvMECgYEA9AXGtfDMse0FhvDPZx4mx8x+vcfsLvDHcDLkf/lbyPpu97C27b/z ia07bu5TAXesUZrWZtKA5KeRE5doQSdTOv1N28BEr8ZwzDJwfn0DPUYUOxsN2iIy MheO5A45Ko7bjKJVkZ61Mb1UxtqCTF9mqu9R3PBdJGthWOd+HUvF460CgYEA7QRf Z8+vpGA+eSuu29e0xgRKnRzed5zXYpcI4aERc3JzBgO4Z0er9G8l66OWVGdMfpe6 CBajC5ToIiT8zqoYxXwqJgN+glir4gJe3mm8J703QfArZiQrdk0NTi5bY7+vLLG/ knTrtpdsKih6r3kjhuPPaAsIwmMxIydFvATKjLUCgYEAh/y4EihRSk5WKC8GxeZt oiZ58vT4z+fqnMIfyJmD5up48JuQNcokw/LADj/ODiFM7GUnWkGxBrvDA3H67WQm 49bJjs8E+BfUQFdTjYnJRlpJZ+7Zt1gbNQMf5ENw5CCchTDqEq6pN0DVf8PBnSIF KvkXW9KvdV5J76uCAn15mDkCgYA1y8dHzbjlCz9Cy2pt1aDfTPwOew33gi7U3skS RTerx29aDyAcuQTLfyrROBkX4TZYiWGdEl5Bc7PYhCKpWawzrsH2TNa7CRtCOh2E R+V/84+GNNf04ALJYCXD9/ugQVKmR1XfDRCvKeFQFE38Y/dvV2etCswbKt5tRy2p xkCe/QKBgQCkLqafD4S20YHf6WTp3jp/4H/qEy2X2a8gdVVBi1uKkGDXr0n+AoVU ib4KbP5ovZlrjL++akMQ7V2fHzuQIFWnCkDA5c2ZAqzlM+ZN+HRG7gWur7Bt4XH1 7XC9wlRna4b3Ln8ew3q1ZcBjXwD4ppbTlmwAfQIaZTGJUgQbdsO9YA== -----END RSA PRIVATE KEY----- easyssh-proxy-1.5.0/tests/.ssh/id_rsa.pub000066400000000000000000000006211454442226000203430ustar00rootroot00000000000000ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDh7YP+o83TynNNpz5rxmaU/XOIk5eTjkLKcw+29rSu0r9EHbpVt8AXSEgmOLuW2+dieoJT2gV+8QzfdxOftP3r6h3yJv9XPblhTxluy2q0iyQ+7AJu/crSYAeCy+InJEPvIz5ApNsFASBsa5bqC1swqGJh+IgHgPKPsB1L9+Te/brAODPtIcjk4Gq71u/UqHFBh0USdTc8C0Cp5xyDM2lsfd5gvIbO5TEQgmWGln+5TYb2mmP9xKs41U+IjwCGLhGuVmOY/mXnv+yrUKUa6XIukVwzDryQ/kWKTKoekckdEE2BTnvXLQ+HfdKMFuzSFoIgByat5YSEZ7785ecl7pVR drone-scp@localhost easyssh-proxy-1.5.0/tests/.ssh/test000066400000000000000000000065521454442226000173050ustar00rootroot00000000000000-----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAgX0UT5U dbd5qk/WLiRyDeAAAAEAAAAAEAAAIXAAAAB3NzaC1yc2EAAAADAQABAAACAQDojzlRtxSq AaOGaPHwCSRlsw870qwpc55W5AxlcOsbFZdtSwZ/dESBu5ql3dLsTB7WcqXoaA7Qp3w5GV RcFxn+5r2dL17MPe3zZrLNZulbnkXiaVgYLjWa0cAv9zD+0nR8/mtz2DbkpKCD8R3oLJ2B z5oscT2XLcPvIKZlw2eBErpSopLxfpPyhU8WNK9E38mUl2tjtiBVIoIJmtgYWY8XmIpEUR iiRjPidBJUVmLq9kKdUV62V/pMB2UDzqPJUiuABgzh8/9/qM81uMCwyqULzaVhPE+S9P7L dv1Npj5nqwOmUcGj0dhofi+F+qZ8WqGkQJ5JPam0LkGuMKGNJywrxo8XTXSpYCUvbKrTWo 0/1GNLCcHpIcjhUUJGObOMk1YI0Tu52PGpzDf1kI+zzAgPqWxxzegQdLcPIgm4I6x6S48E V13THoAoU5T+rLrhE0i6FokGIwKv4SycDtFCvIdOr1jxJpw0CrKHqMG/kzeljtM1HOojD5 gHwESwwsZL5P5/IWvnZlGZD0fAp/SPWpZIeMTeH12QANxX69RoQfKLRMYWSabDUvGKkIxQ CBaoVOmyVQIqyT5wTZ3msfGVLb729TlZcNo+8snG0k2W9skdlahx1TugzE096P+RzjUfov 6g1NZKHCN8VSeu4+gmPIEiuN3tt99dKDNBMx/QYLfPpwAAB1DxxEspVRHEF4mTxw4+hFhe 855+u3ffHmjgrK7IWZqrrze8bayRAVKPK7UMux4ZCOccc1ydtJFGUrZw8Q5gMe+Y+TusXE WB7LWZK5an/WrEVe1jNgxwrQKjXauKtTY33CFnnTvdE8dUixHr3AddYq1gQ4WcB7v08sj6 f8V4yf80u294H5pjYxFMmTu4QldphV/mZcPQCyuzZKmkPLK2TzZWqGk615zJDd/W8Inm1c IJTQPH4tIA3X3daThxOMLC3eQXC2rvl7qaSz2k8ok7LnND8GrTU0CnE6XUMNjRjlxXO+6n XGVILifwk+bdLlE6aPIqhSuwx/TnbzHwj8DYnd5/Da/KdXpbc4T+925w6til98lyfRICol So6gXace2IK33LKEAaEIr3im+ZFgSIvWZdPu/ZPV7nlNcb/rbMsRF6fKAMFA/kpPr4z5tQ 0pMJYfUmPCMdP7ahZ3km/Cpmee/VQ07s11myA2XeaEPov6yNrHJJtnAp5wsZ5s6ifLmoyl WEPKt8YoIIDib44ANoyhgf6+PA2i+367p5U55ynI6HTXOdB/xWqJ7k4Rah4BSbd1t73wyU kh04/9+YGDabwup7WzT07S7b+T5tGKAwMwK0cE/y5RyVI5JwT2b7fvbO6YH9ZFaNOMT+e0 jBpsrEDkdqnVaFU5b6yWO4Gw6I4Myw+ByATlPM6rmAQoOgfmQmoI47UiTYPr4bLvB7w02B yQb2AxWDFdCJadZDTpFp5E5mXudt3JnfnKpR+9zDud4AahEU63ggJn0gpd51zRtqrTViob qnZ9UtMl9dzGReZFInS6Uq6ge4JJlsxhEVREr/RPUa4NldT7nRMnfxlnwiVcgrdNdeL2Ho 5azXYMsDsACBR9rmz6h7JOpM/oyupbyitGtJMiBrR20UD264L4zZIBU4d6MXQADdOo+oKE OofB9Zj9ovIAGzb9SNAh7vEXE0X6C/EdRNI/DOlca15bd33r+HgKTIONqTws2wThLnSx1r W0voqE6SnhUhQ1FovxtBFYE1Ve8HR7BGyO6AJGQOpqivLry7W1BJyOiwSJ+DDUmcrnCyqJ IoDc9pHQ/9hBlJz2qeBNaSdwMZWKkTCnIYq1f8FAKdRqujFx81toUZw7Lb03JmKZBlALvU PvXcfxCDqSVy66SHVEtGvegFCeo0gQJS0BywQkushDVSoqGQppVoICNtyuzaMzpzkWj5tP iYJzm5VBDucWkCmmqzFVVVdeX4Vd5crQ08ZeuHHOAL61bKde7ji1XnvlmllpByeHA5uPef mGmgf/A1fM3MqioWW/C/Beffe5tJDKxoG7lavIg7F83c48wk+SeJ+2twNMySu1PDYmlRvb VUdy1LtjutFtvySYBDHTFUOkvTOCX01gMTaB8HhaZAA+cjt91jrdKkKBh8spQHg1En/oaR rmuqMWuMadxKIlzUBWLkAme78ce0SbpnGmBG1jz6kbjF3ZWWFJVj+3DHwE9dydfX4gCKT8 iV3IuifJLGtmaQO5AgpquMWYKsdOI+HCsWN2+YngqScmfokMSR4bn8DmcLNVYzzNkfo2/o Oc/ZHtSJlXsY/5el+Bg4FBsvX3akyz32KJ9azsexjMFQl6dt5e6qAeV7kGKic8uaqXhWYW l/sKzuqXVqVP8QwfipH+SZB3b71canc2mnC3+eXroSgG9yYneGzxfP4ppABGRu/hSyLaaq tGyqgelrCXKSiWQs/Vgj46zEAoeIvLW9/NwnPkV3r499Ieh7kqMl2iZzpBXqab2ip6yt0+ 9GQuBwb3YNj7HO/a2YU0aMJrs6YofOa6/0h4ZvLYe6ndzDAAFIlUmqGiHUnjnDtChaUZLX E+9a8GkASVSizvMEpo/71uzOhn3Ta9ixDBqDQgA1DD0p3ko4bq7nYTNIfqghpJW2yTb8Sq Fw9yuZ7WRcS/SNmsVxCN8UsimixI4uugKgiU+YWLdZrlaQk7yCRUZ4Drris4FBW55AjVJ8 nz3suOA+nh8JK0DN99hE9EAtgtMc1oKb76te1VCtd5tUfjN13qq5SvHMQp/dn+y+aVSIEg KrvhXVwxyncL7AC04yK0TJHVk83vXCK6hyFnPeFBPhY0yUtq1smWLrjotaW8ZRLMKG6Kz/ cD69lsCnhFATfbBmKh6mRrBUaZV3nvZKKojJGnTguOQZodg0EEx/XR+aXFmJfKzyo4wdfK OQR/HeDLS+X1tAzEkZl3QtAgeNWwngXlov3wJgg0R5X4scJZlG9ns7UNrJG2D9E4LTLMvZ W1d9tnqAJprUdR9vvqUXGgbndzV+MuV/gY52jt2p7gvscBFVwLLuH7eTarrvqfBPAx+I33 V79GEkDdc9rCpA6BGDEJGr/Xcpx2tDiSqLc8vELfpruROx4T4PuPZvKqqcvHNNUYUQi1+y 7quwL7RgZj+i5hXGTRQ5Y+YfVYY+7sNgUxQpS5pC64s7bvwB0pHjgjn1KTXuyroPkV6pWA FfFEk1ETJhXcl7plxpmcLROyI= -----END OPENSSH PRIVATE KEY----- easyssh-proxy-1.5.0/tests/.ssh/test.pub000066400000000000000000000013441454442226000200640ustar00rootroot00000000000000ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDojzlRtxSqAaOGaPHwCSRlsw870qwpc55W5AxlcOsbFZdtSwZ/dESBu5ql3dLsTB7WcqXoaA7Qp3w5GVRcFxn+5r2dL17MPe3zZrLNZulbnkXiaVgYLjWa0cAv9zD+0nR8/mtz2DbkpKCD8R3oLJ2Bz5oscT2XLcPvIKZlw2eBErpSopLxfpPyhU8WNK9E38mUl2tjtiBVIoIJmtgYWY8XmIpEURiiRjPidBJUVmLq9kKdUV62V/pMB2UDzqPJUiuABgzh8/9/qM81uMCwyqULzaVhPE+S9P7Ldv1Npj5nqwOmUcGj0dhofi+F+qZ8WqGkQJ5JPam0LkGuMKGNJywrxo8XTXSpYCUvbKrTWo0/1GNLCcHpIcjhUUJGObOMk1YI0Tu52PGpzDf1kI+zzAgPqWxxzegQdLcPIgm4I6x6S48EV13THoAoU5T+rLrhE0i6FokGIwKv4SycDtFCvIdOr1jxJpw0CrKHqMG/kzeljtM1HOojD5gHwESwwsZL5P5/IWvnZlGZD0fAp/SPWpZIeMTeH12QANxX69RoQfKLRMYWSabDUvGKkIxQCBaoVOmyVQIqyT5wTZ3msfGVLb729TlZcNo+8snG0k2W9skdlahx1TugzE096P+RzjUfov6g1NZKHCN8VSeu4+gmPIEiuN3tt99dKDNBMx/QYLfPpw== deploy@easyssh easyssh-proxy-1.5.0/tests/a.txt000066400000000000000000000000111454442226000164710ustar00rootroot00000000000000appleboy easyssh-proxy-1.5.0/tests/b.txt000066400000000000000000000000001454442226000164700ustar00rootroot00000000000000easyssh-proxy-1.5.0/tests/entrypoint.sh000077500000000000000000000004351454442226000202740ustar00rootroot00000000000000#!/bin/sh if [ ! -f "/etc/ssh/ssh_host_rsa_key" ]; then # generate fresh rsa key ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa fi if [ ! -f "/etc/ssh/ssh_host_dsa_key" ]; then # generate fresh dsa key ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa fi exec "$@" easyssh-proxy-1.5.0/tests/global/000077500000000000000000000000001454442226000167605ustar00rootroot00000000000000easyssh-proxy-1.5.0/tests/global/c.txt000066400000000000000000000000001454442226000177310ustar00rootroot00000000000000easyssh-proxy-1.5.0/tests/global/d.txt000066400000000000000000000000001454442226000177320ustar00rootroot00000000000000