Documentation ¶
Overview ¶
Package sshsso implements gssapiServer and gssapiClient from crypto/ssh based on the Windows Security Support Provider Interface "negotiate" implimentation. This makes it possible to do authentication without prompting the user for credentials using AD. This package makes no attempt to be compatible with any other ssh server or client other than itself.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var Debug = false
Debug will cause each GAASPI call to be logged using the default logger
Functions ¶
func NewClient ¶
func NewClient() ssh.GSSAPIClient
NewClient returns a GSSAPIClient from crypto/ssh. It will always attempt to authenticate as the current Windows user. This is not thread safe. In normal client scenarios this is fine, but if you want to handle multiple authentication attempts at once you will need to create a new copy for each connection and pass that in via a new `ssh.ClientConfig`.
func NewServer ¶
func NewServer() ssh.GSSAPIServer
NewServer returns a GSSAPIServer from crypto/ssh. It will authenticate as the SPN "HOST/foo" where foo is the hostname (not fqdn) of the current computer. This may necessitate running as "SYSTEM" or "Network Service". This is not thread safe. If you want to handle multiple authentication attempts at once (for example in a normal server) you will need to create a new copy for each connection, and pass that in via a new `ssh.ServerConfig`.
Types ¶
This section is empty.