Closed coderofsalvation closed 1 year ago
Hello @coderofsalvation,
I'm pretty sure this type of functionality would be out-of-scope for this project, simply because of its design.
What makes sshportal great is that it's basically an ssh pipe; it establishes a TCP connection to a remote host, and pipes I/O between your ssh client and the ssh server at destination (using SSH channels).
What makes it so great? Simply put, sshportal doesn't assume any particular context for your connection. You can be establishing a TTY-less connection, maybe your remote host has a custom shell (more on that later), maybe you simply want to run an ssh subsystem (e.g. SFTP), or maybe you simply want to set forwarding (e.g. X11, or network).
What's the drawback? SSHportal doesn't act as a full fledged ssh client in regards to the server it's connecting to. Thus it currently has no means to use the features ssh provides, such as command execution. Implementing this would mean creating a new type of session in sshportal which would resolve and run commands from an ssh client, and thus deviates (in my opinion) greatly from the purpose the project is supposed to serve, which is serving as a gateway/router between ssh clients and ssh servers.
Is there a way to achieve functionality still? Well of course, you can:
Subsystem runmyscript /usr/bin/myscript
Then run the script as follows:
ssh sshportal -l youruser -s runscript
thanks for the explanation and hinting subsystems! ❤
Actual Result / Problem
Don't know how to configure passwordless login
Some context
The invite feature is amazing (kudos for that!). However, I was curious if it's also possible to redirect passwordless key-less logins, to allow execution of scripts on the filesystem (by specifying a loginshell in /etc/passwd or a script in the sshportal admin).
Example usecase:
this would allow public programmable reports over ssh:
or letting userscripts programmatically have their apps generate links (using sshportal as an interface):
Invite-links reduce a lot of ssh-friction, but this would also open up cgi-like frictionless actions.