search

gravitational / teleconsole

Command line tool to share your UNIX terminal and forward local TCP ports to people you trust.
https://www.teleconsole.com
Apache License 2.0
2.78k stars 154 forks source link

Sharing session using file-based identity requires the private key #19

Open samscott89 opened 7 years ago

samscott89 commented 7 years ago

Using the -i command line switch with an identity file requires providing the private SSH key, and proceeds to derive the public key from it.

Unless I'm missing how the keys are used, that doesn't seem to be the implied functionality from the blog post.

Example:

teleconsole -i ~/.ssh/id_tele.pub -vv
DEBU[0000] Server: https://teleconsole.com:443, Args: []  file=clt/main.go:39 func=clt.(*App).DebugDump
INFO[0000] Ping http://eu.teleconsole.com/ping           file=geo/geo.go:41 func=geo.FindFastestEndpoint.func1
INFO[0000] Ping http://as.teleconsole.com/ping           file=geo/geo.go:41 func=geo.FindFastestEndpoint.func1
INFO[0000] Ping http://teleconsole.com/ping              file=geo/geo.go:41 func=geo.FindFastestEndpoint.func1
INFO[0000] eu.teleconsole.com responded in 473.992811ms  file=geo/geo.go:60 func=geo.FindFastestEndpoint
INFO[0000] Getting version from https://eu.teleconsole.com:443  file=clt/api_client.go:71 func=clt.(*APIClient).CheckVersion
INFO[0002] Connecting to https://eu.teleconsole.com:443  file=clt/api_client.go:105 func=clt.(*APIClient).CheckVersion
ERRO[0002] ssh: no key found                             file=lib/identity.go:86 func=lib.MakeIdentity
ssh: no key found
DEBU[0002] 
ERROR REPORT:
Original Error: *errors.errorString ssh: no key found
Stack Trace:
    /home/ekontsevoy/go/src/github.com/gravitational/teleconsole/lib/identity.go:179 github.com/gravitational/teleconsole/lib.loginFromFile
    /home/ekontsevoy/go/src/github.com/gravitational/teleconsole/lib/identity.go:137 github.com/gravitational/teleconsole/lib.loginsFrom
    /home/ekontsevoy/go/src/github.com/gravitational/teleconsole/lib/identity.go:82 github.com/gravitational/teleconsole/lib.MakeIdentity
    /home/ekontsevoy/go/src/github.com/gravitational/teleconsole/clt/clt.go:72 github.com/gravitational/teleconsole/clt.StartBroadcast
    /home/ekontsevoy/go/src/github.com/gravitational/teleconsole/clt/main.go:182 github.com/gravitational/teleconsole/clt.(*App).Start
    /home/ekontsevoy/go/src/github.com/gravitational/teleconsole/main.go:45 main.main
    /opt/go/src/runtime/proc.go:192 runtime.main
    /opt/go/src/runtime/asm_amd64.s:2087 runtime.goexit
User Message: 
  file=teleconsole/main.go:61 func=main.fatalIf

For reference it does work using teleconsole -i ~/.ssh/id_tele.

This means that both client and server need to have the private key for this to work which kind of defeats the purpose.

kontsevoy commented 7 years ago

@samscott89 looking into it, thanks.

shadiakiki1986 commented 6 years ago

Can confirm this. Doesn't make sense to send the private key to the server

Edit: Btw this contradicts with the comment lib/identity.go#L37.

Added a PR (link below)