Commit graph

159 commits

Author SHA1 Message Date
Eugene
ec98c3dbd1
Offer checking and accepting SSH host keys in the admin UI (#1307) 2025-04-05 04:05:21 +02:00
samtoxie
95dce41ce1
Fix SSH Client to respond to keyboard-interactive when target has optional 2FA (#1273)
Co-authored-by: Eugene <inbox@null.page>
2025-02-27 16:03:58 +01:00
Eugene
7985f80a91
removed a dbg! 2025-02-27 15:42:23 +01:00
Eugene
8d8973b4e4
ssh: only attempt the RSA key auth once (#1274) 2025-02-27 15:02:29 +01:00
Eugene
664dbda65a
Bump version: 0.13.1 → 0.13.2 2025-02-26 10:40:54 +01:00
Eugene
1a07694409
lint 2025-02-26 10:40:49 +01:00
Eugene
299ec932fc
Bump version: 0.13.0 → 0.13.1 2025-02-19 21:44:58 +01:00
Eugene
43604ac649
Bump version: 0.14.0 → 0.13.0 2025-02-18 23:04:06 +01:00
Eugene
d7651fb1a3
Bump version: 0.13.0-beta.2 → 0.14.0 2025-02-18 23:02:03 +01:00
Eugene
9453879e1d
fmt 2025-02-13 15:58:20 +01:00
samtoxie
e2036886fb
Implement Agent Forwarding (#1249)
This PR implements Agent forwarding as discussed at
https://github.com/warp-tech/warpgate/issues/177#issuecomment-2647526617

Huge thanks to @Eugeny for pointing me in the right direction

---------

Signed-off-by: Sam Toxopeus <sam@toxopeus.it>
2025-02-13 15:56:42 +01:00
Eugene
55dcd11a17
added streamlocal-forward support (remote UNIX socket forwarding) (#1243) 2025-02-09 15:28:22 +01:00
Eugene
2cdf8babae
bump vulnerable deps (#1241) 2025-02-09 00:08:59 +01:00
Eugene
f3b7a5808c
Bump version: 0.12.0 → 0.13.0-beta.1 2025-02-02 21:22:55 +01:00
Eugene
c2208f4c87
docker fix (#1229) 2025-01-30 14:16:37 +01:00
Eugene
fefb8a81bb
russh bump (#1224) 2025-01-27 15:56:13 +01:00
Eugene
b7a1a1801b
bumped russh (#1210) 2025-01-14 18:50:40 +01:00
Eugene
6ade841378
correctly bind to both ipv4 and ipv6 when [::] is set as listen endpoint (#1193) 2024-12-27 10:16:36 +01:00
Mohammad Al Shakoush
59884fbbe9
Add More Metadata to public ssh keys (#1182)
Co-authored-by: Eugene <inbox@null.page>
2024-12-22 19:13:42 +01:00
Eugene
efcb2205ff
Bump russh for ssh-key/ssh-encoding backend (#1144) 2024-12-12 21:44:54 +01:00
Eugene
64d71949f9
fixed #1150 - send ssh-rsa client key when insecure algorithms are enabled 2024-12-10 21:49:20 +01:00
Eugene
fb1babcb41
Bump version: 0.11.0 → 0.12.0-beta.1 2024-12-07 23:42:58 +01:00
Eugene
379b1bc5e9
fixed #983 - enable ssh-rsa when insecure algorithms are allowed 2024-11-27 21:54:00 +01:00
Eugene
f217b5da04
Self-service credentials management (#1145) 2024-11-26 23:13:48 +01:00
Eugene
b35983837f
Separate DB models for credentials (#1143) 2024-11-24 19:35:31 +01:00
Piotr Rotter
ef46e75d5b
add keepalive_interval to ssh config (#1134) 2024-11-19 22:24:21 +01:00
Eugene
a20fdb8cc9
Bump russh (#1131) 2024-11-18 10:31:39 +01:00
Eugene
dbf96a8fee
fixed #1093 - allow multiple return domains for SSO, prefer host header over external_host 2024-10-24 00:04:37 +02:00
Eugene
837cc2d515
Bump version: 0.10.2 → 0.11.0 2024-10-09 00:24:38 +02:00
Eugene
1f597a88a5
fixed #1053 - prevent repeated consumption of the ticket uses within the same SSH session 2024-09-27 18:12:48 +02:00
Eugene
c191e54c07
bumped rustls & related pkgs (#1066) 2024-09-18 11:28:39 +02:00
Eugene
53b0a9095b
Bump version: 0.10.1 → 0.10.2 2024-08-14 22:59:52 +02:00
Eugene
fe924f31ce
fixed GHSA-vgvv-x7xg-6cqg - SSH OOM DoS through malicious packet length 2024-08-14 22:59:23 +02:00
Eugene
c328127493
fixed #941 - unnecessary port in external URLs 2024-07-26 19:33:28 +02:00
Eugene
a0465174a7
Bump version: 0.10.0 → 0.10.1 2024-07-26 18:18:39 +02:00
Eugene
daacd55d25
fixed #972 - ssh: only offer available auth methods after a rejected public key offer 2024-07-25 12:11:25 +02:00
Eugene
c83a70c730
Bump version: 0.9.1 → 0.10.0 2024-07-18 09:55:42 +02:00
Eugene
0ed2104974
bumped russh to 0.44 2024-07-18 09:49:04 +02:00
Eugene
ebb6956b82
re-save ed25519 keys to fix the encoding error 2024-07-16 22:01:07 +02:00
Eugene
571abb1cb1
bumped russh to 0.44.0-beta.4 2024-07-16 21:14:28 +02:00
Eugene
f07b9246a8
switch to rustls 2024-07-16 12:56:42 +02:00
Eugene
4afa979de2
bump rust some more 2024-07-16 10:40:27 +02:00
Eugene
841bbe85da
bumped rust 2024-07-10 10:55:18 +02:00
Eugene
9bfaa3a7fd
typo 2024-07-09 22:43:35 +02:00
Eugene
7df98f73e0
bumped russh 2024-07-09 22:43:14 +02:00
Néfix Estrada
9582a6e0ae
feat(ssh): make inactivity timeout configurable (#990)
With this change, the SSH inactivity timeout is now configurable. By
default, it is set at 5 minutes (300 seconds), which was the already
existing value.

Solves #943
2024-05-31 12:52:27 +02:00
Eugene
8896bb361e
fixed #961 - added option to allow insecure ssh kex (#971) 2024-03-24 14:09:20 +01:00
Eugene
21e0008695
updated russh to 0.43 (#970) 2024-03-24 11:04:21 +01:00
Shea Smith
5551c33259
Switch OOB SSO authentication for SSH to use the instructions instead of the name (#964)
Some SFTP clients (specifically WinSCP) truncate the name parameter for
keyboard interactive login (WinSCP specifically puts it in the
titlebar):

![image](https://github.com/warp-tech/warpgate/assets/51303984/dc90ad67-e383-4cba-8326-79f08405fde6)

This PR changes the Warpgate authentication flow to use the keyboard
interactive parameter for instructions for the primary instructions for
SSO web-based auth, instead of the name. This results in the following
UI for WinSCP:

![image](https://github.com/warp-tech/warpgate/assets/51303984/0893f9c3-8724-4a4e-8c62-3e1d1484f2f0)

FileZilla:

![image](https://github.com/warp-tech/warpgate/assets/51303984/089f7f72-73e2-4d0e-bb45-4d470b8fb39b)

and OpenSSH:

![image](https://github.com/warp-tech/warpgate/assets/51303984/02ff7fbd-4bc6-47a0-aadc-b8d32c42fb59)

Perhaps some changes to the wording may be in order (e.g. to prevent the
duplication of 'Warpgate authentication' in OpenSSH and FileZilla), but I
thought I would leave this PR as being as minimal as possible for the
meantime.
2024-03-23 21:50:11 +01:00
Eugene
47c943d201
lint 2024-03-23 12:24:52 +01:00