Closed gkc closed 10 months ago
@XavierChanth @cconstab @JeremyTubongbanua Please add tasks for any other things we need in v4.0.0
Been giving the use of ephemeral ssh keys in the forward use of sshnp (i.e sshnpd extends sshd via sshrv) some thought.
Currently we use ephemeral keys for the reverse ssh so that we can get to the remote sshd on localhost.
Whilst strictly speaking if you have an account on the remote machine you should be able to use those ssh keys to get port 22 extended. But in some cases the remote sshd will be asking for additional auth and that may upset the flow of the forward ssh.
So it may be worth thinking again and using ephemeral ssh keys to get to the sshd port so when the user runs the ssh command they can auth via whatever mechanism is added to the sshd (for instance CyberArk).
This could mean for instance a standard sshd runnning on say port 22000 for use with sshnp and then extending to 22 where the Cyberark sshd is running..
So options for ephemeral keys and talking to a sshd not on the standard port 22 (sshnp non standard port for sshd was added in a draft PR this weekend)
Discussion before code :-)
@gkc we likely also want to include any changes to the sshnpd installer in this release as well. It might be time that I implement config files for sshnpd so we can start supporting init systems
Will aim to get v4 out the door during PR70
@gkc @cconstab I plan to modify how ssh key management works in ssh no ports across the board:
Adding -i
which will allow you to specify either the private or publickey, see the man page entry for ssh -i:
-i identity_file
Selects a file from which the identity (private key) for public key authentication is read. You can also
specify a public key file to use the corresponding private key that is loaded in ssh-agent(1) when the
private key file is not present locally.
In addition, -s will change from a String option to a boolean flag, and it will simply send the public key associated with the identity specified by -i. (BREAKING CHANGE)
The reason for these changes is that it is no longer viable to pass around file paths in the core code, due to mobile sandboxing issues. So when the CLI receives a file path it will read the file in and carry that around as part of the parameters instead, this way the keys are fully portable.
Adding another mixin to the SSHNPImpl Family:
classDiagram
class SSHNP{
<<abstract interface>>
Exports public API
}
class SSHNPImpl{
<<abstract>>
Implements common code between all implementations
}
class SSHNPForwardDartImpl {
forward pure-dart client
}
class SSHNPForwardExecImpl {
forward ssh exec client
}
class SSHNPReverseImpl {
reverse ssh client for non-sshrvd hosts
}
class SSHNPLegacyImpl {
reverse ssh client for <4.0.0 daemons
}
class SSHNPForwardMixin{
<<mixin>>
Implements common forward code
}
class SSHNPReverseMixin{
<<mixin>>
Implements common reverse code
}
class SSHNPLocalFileMixin{
<<mixin>>
Implements file system bindings for support client types
}
SSHNP <|.. SSHNPImpl
SSHNPImpl <|.. SSHNPForwardDartImpl
SSHNPImpl <|.. SSHNPForwardExecImpl
SSHNPImpl <|.. SSHNPReverseImpl
SSHNPImpl <|.. SSHNPLegacyImpl
SSHNPForwardDartImpl *-- SSHNPForwardMixin
SSHNPForwardExecImpl *-- SSHNPForwardMixin
SSHNPForwardExecImpl *-- SSHNPLocalFileMixin
SSHNPReverseImpl *-- SSHNPLocalFileMixin
SSHNPLegacyImpl *-- SSHNPLocalFileMixin
SSHNPReverseImpl *-- SSHNPReverseMixin
SSHNPLegacyImpl *-- SSHNPReverseMixin
@gkc @cconstab I plan to modify how ssh key management works in ssh no ports across the board: Adding
-i
which will allow you to specify either the private or publickey, see the man page entry for ssh -i:-i identity_file Selects a file from which the identity (private key) for public key authentication is read. You can also specify a public key file to use the corresponding private key that is loaded in ssh-agent(1) when the private key file is not present locally.
In addition, -s will change from a String option to a boolean flag, and it will simply send the public key associated with the identity specified by -i. (BREAKING CHANGE)
The reason for these changes is that it is no longer viable to pass around file paths in the core code, due to mobile sandboxing issues. So when the CLI receives a file path it will read the file in and carry that around as part of the parameters instead, this way the keys are fully portable.
Perfect, thanks Xavier - this has been a code smell for a while
Old hack temoved 4.0.0 release is the time to break things TY
Another behaviour thing I'm fixing: remote username is expected to be shared or manually set by the client, this should automatically fallback to the current local username like ssh, but right now it throws an error.
Is your feature request related to a problem? Please describe.
noports release 4.0.0 will have multiple stability and functionality enhancements and should be done as soon as is practical
Describe the solution you'd like