mirror of
https://github.com/moul/sshportal.git
synced 2024-09-20 06:56:04 +08:00
Small fixes
This commit is contained in:
parent
82f96e457c
commit
cb3c1056e5
|
@ -4,6 +4,7 @@
|
|||
|
||||
* The default created user now has the same username as the user starting sshportal (was hardcoded "admin")
|
||||
* Add Telnet support
|
||||
* Add TTY audit feature ([#23](https://github.com/moul/sshportal/issues/23)) by [@sabban](https://github.com/sabban)
|
||||
|
||||
## v1.7.1 (2018-01-03)
|
||||
|
||||
|
|
2
Makefile
2
Makefile
|
@ -33,7 +33,7 @@ test:
|
|||
|
||||
.PHONY: lint
|
||||
lint:
|
||||
gometalinter --disable-all --enable=errcheck --enable=vet --enable=vetshadow --enable=golint --enable=gas --enable=ineffassign --enable=goconst --enable=goimports --enable=gofmt --exclude="should have comment" --enable=staticcheck --enable=gosimple --enable=misspell --deadline=20s .
|
||||
gometalinter --disable-all --enable=errcheck --enable=vet --enable=vetshadow --enable=golint --enable=gas --enable=ineffassign --enable=goconst --enable=goimports --enable=gofmt --exclude="should have comment" --enable=staticcheck --enable=gosimple --enable=misspell --deadline=60s .
|
||||
|
||||
.PHONY: backup
|
||||
backup:
|
||||
|
|
|
@ -37,6 +37,7 @@ Jump host/Jump server without the jump, a.k.a Transparent SSH bastion
|
|||
* Sensitive data encryption
|
||||
* Session management (see active connections, history, stats, stop)
|
||||
* Audit log (logging every user action)
|
||||
* Record TTY Session
|
||||
* Host Keys verifications shared across users
|
||||
* Healthcheck user (replying OK to any user)
|
||||
* SSH compatibility
|
||||
|
|
8
main.go
8
main.go
|
@ -75,7 +75,7 @@ func main() {
|
|||
Usage: "Encrypt sensitive data in database (length: 16, 24 or 32)",
|
||||
},
|
||||
cli.StringFlag{
|
||||
Name: "logs-location",
|
||||
Name: "logs-location",
|
||||
Value: "./log",
|
||||
Usage: "Store user session files",
|
||||
},
|
||||
|
@ -138,16 +138,16 @@ func server(c *cli.Context) error {
|
|||
// check for the logdir existence
|
||||
logsLocation, e := os.Stat(c.String("logs-location"))
|
||||
if e != nil {
|
||||
err = os.MkdirAll(c.String("logs-location"), os.ModeDir | os.FileMode(0750) )
|
||||
err = os.MkdirAll(c.String("logs-location"), os.ModeDir|os.FileMode(0750))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
} else {
|
||||
if !logsLocation.IsDir() {
|
||||
log.Fatal("log directory cannnot be created")
|
||||
log.Fatal("log directory cannot be created")
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
opts := []ssh.Option{}
|
||||
// custom PublicKeyAuth handler
|
||||
opts = append(opts, ssh.PublicKeyAuth(publicKeyAuthHandler(db, c)))
|
||||
|
|
2
ssh.go
2
ssh.go
|
@ -145,7 +145,7 @@ func channelHandler(srv *ssh.Server, conn *gossh.ServerConn, newChan gossh.NewCh
|
|||
err = bastionsession.ChannelHandler(srv, conn, newChan, ctx, bastionsession.Config{
|
||||
Addr: host.DialAddr(),
|
||||
ClientConfig: clientConfig,
|
||||
Logs: logsLocation,
|
||||
Logs: logsLocation,
|
||||
})
|
||||
|
||||
now := time.Now()
|
||||
|
|
22
vendor/github.com/arkan/bastion/LICENSE
generated
vendored
Normal file
22
vendor/github.com/arkan/bastion/LICENSE
generated
vendored
Normal file
|
@ -0,0 +1,22 @@
|
|||
MIT License
|
||||
|
||||
Copyright (c) 2016-2017 Florian Bertholin
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
|
49
vendor/github.com/arkan/bastion/pkg/logchannel/logchannel.go
generated
vendored
Normal file
49
vendor/github.com/arkan/bastion/pkg/logchannel/logchannel.go
generated
vendored
Normal file
|
@ -0,0 +1,49 @@
|
|||
package logchannel
|
||||
|
||||
import (
|
||||
"encoding/binary"
|
||||
"io"
|
||||
"syscall"
|
||||
"time"
|
||||
|
||||
"golang.org/x/crypto/ssh"
|
||||
)
|
||||
|
||||
type logChannel struct {
|
||||
channel ssh.Channel
|
||||
writer io.WriteCloser
|
||||
}
|
||||
|
||||
func writeTTYRecHeader(fd io.Writer, length int) {
|
||||
t := time.Now()
|
||||
|
||||
tv := syscall.NsecToTimeval(t.UnixNano())
|
||||
|
||||
binary.Write(fd, binary.LittleEndian, int32(tv.Sec))
|
||||
binary.Write(fd, binary.LittleEndian, int32(tv.Usec))
|
||||
binary.Write(fd, binary.LittleEndian, int32(length))
|
||||
}
|
||||
|
||||
func New(channel ssh.Channel, writer io.WriteCloser) *logChannel {
|
||||
return &logChannel{
|
||||
channel: channel,
|
||||
writer: writer,
|
||||
}
|
||||
}
|
||||
|
||||
func (l *logChannel) Read(data []byte) (int, error) {
|
||||
return l.Read(data)
|
||||
}
|
||||
|
||||
func (l *logChannel) Write(data []byte) (int, error) {
|
||||
writeTTYRecHeader(l.writer, len(data))
|
||||
l.writer.Write(data)
|
||||
|
||||
return l.channel.Write(data)
|
||||
}
|
||||
|
||||
func (l *logChannel) Close() error {
|
||||
l.writer.Close()
|
||||
|
||||
return l.channel.Close()
|
||||
}
|
6
vendor/vendor.json
vendored
6
vendor/vendor.json
vendored
|
@ -8,6 +8,12 @@
|
|||
"revision": "648efa622239a2f6ff949fed78ee37b48d499ba4",
|
||||
"revisionTime": "2016-10-02T11:37:05Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "MHJo0MQ1wV3xSm0ncSn/aHaZR3Y=",
|
||||
"path": "github.com/arkan/bastion/pkg/logchannel",
|
||||
"revision": "0eb93ed2121907205ca69f46667a25f8b4320fde",
|
||||
"revisionTime": "2018-01-04T15:54:52Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "qe14CYEIsrbHmel1u0gsdZNFPLQ=",
|
||||
"path": "github.com/asaskevich/govalidator",
|
||||
|
|
Loading…
Reference in a new issue