sshtunnel

package module
v0.0.0-...-db7fb94 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 28, 2019 License: MIT Imports: 11 Imported by: 1

README

sshtunnel

cover.run Build Status

Go library providing a dialer for SSH-tunneled TCP and Unix domain socket connections. Please note the limitations below.

The underlying package golang.org/x/crypto/ssh already provides a dialer ssh.Client.Dial that can establish direct-tcpip (TCP) and direct-streamlocal (Unix domain socket) connections via SSH.

In comparison, the functions Dial/DialContext, ReDial/ReDialContext, Listen/ListenContext in this package provide additional convenience features such as redialling dropped connections, and serving the tunnel locally.

Furthermore, a wrapper github.com/sgreben/sshtunnel/exec around (exec'd) external clients, with a similar interface as the native client, is provided.

Get it

go get -u "github.com/sgreben/sshtunnel"

Use it

import "github.com/sgreben/sshtunnel"
Docs

Toy example (native)
package main

import (
	"fmt"
	"io"
	"os"

	"golang.org/x/crypto/ssh"
	"github.com/sgreben/sshtunnel"
)

func main() {
	// Connect to "google.com:80" via a tunnel to "ubuntu@my-ssh-server-host:22"
	keyPath := "private-key.pem"
	authConfig := sshtunnel.ConfigAuth{
		Keys:     []sshtunnel.KeySource{{Path: &keyPath}},
	}
	sshAuthMethods, _ := authConfig.Methods()
	clientConfig := ssh.ClientConfig{
		User: "ubuntu",
		Auth: sshAuthMethods,
		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
	}
	tunnelConfig := sshtunnel.Config{
		SSHAddr: "my-ssh-server-host:22",
		SSHClient: &clientConfig,
	}
	conn, _, err := sshtunnel.Dial("tcp", "google.com:80", &tunnelConfig)
	if err != nil {
		panic(err)
	}
	// Do things with conn
	fmt.Fprintln(conn, "GET /")
	io.Copy(os.Stdout, conn)
}
Toy example (external client)
package main

import (
	"fmt"
	"io"
	"log"
	"os"
	"os/exec"
	"time"

	"github.com/sgreben/sshtunnel/exec"
)

func main() {
	// Connect to "google.com:80" via a tunnel to "ubuntu@my-ssh-server-host:22"
	//
	// Unlike the "native" example above, here a binary named `ssh` (which must be in $PATH)
	// is used to set up the tunnel.
	tunnelConfig := sshtunnel.Config{
		User:            "ubuntu",
		SSHHost:         "my-ssh-server-host",
		SSHPort:         "22",
		CommandTemplate: sshtunnel.CommandTemplateOpenSSH,
		CommandConfig: func(cmd *exec.Cmd) error {
			cmd.Stdout = os.Stdout
			cmd.Stderr = os.Stderr
			cmd.Stdin = os.Stdin
			return nil
		},
	}

	tunnelConfig.Backoff.Min = 50 * time.Millisecond
	tunnelConfig.Backoff.Max = 1 * time.Second
	tunnelConfig.Backoff.MaxAttempts = 8

	conn, _, err := sshtunnel.Dial("google.com:80", &tunnelConfig)
	if err != nil {
		panic(err)
	}
	// Do things with conn
	fmt.Fprintln(conn, "GET /")
	io.Copy(os.Stdout, conn)
}
Bigger examples

Projects using this library:

Limitations

  • No tests; want some - write some.

Documentation

Overview

Package sshtunnel lets you dial (and re-publish locally) SSH-tunneled TCP. and Unix domain socket connections using the native Go SSH client golang.org/x/crypto/ssh.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Dial 

func Dial(network, addr string, config *Config) (net.Conn, <-chan error, error)

Dial opens a tunnelled connection to the address on the named network. Supported networks are "tcp", "tcp4" (IPv4-only), "tcp6" (IPv6-only), "unix", "unixgram" and "unixpacket".

func DialContext 

func DialContext(ctx context.Context, network, addr string, config *Config) (net.Conn, <-chan error, error)

DialContext opens a tunnelled connection to the address on the named network using the provided context.

See func Dial for a description of the network and address parameters.

func Listen 

func Listen(laddr net.Addr, network, addr string, config *Config, reconnectBackoff backoff.Config) (net.Listener, chan error, error)

Listen is ListenContext with context.Background()

func ListenContext 

func ListenContext(ctx context.Context, laddr net.Addr, network, addr string, config *Config, reconnectBackoff backoff.Config) (net.Listener, chan error, error)

ListenContext serves an SSH tunnel to a remote address on the given local network address `laddr`. The remote endpoint of the tunneled connections is given by the network and addr parameters.

See func ReDial for a description of the network, addr, config and reconnectBackoff parameters.

func ReDial 

func ReDial(network, addr string, config *Config, backoffConfig backoff.Config) (<-chan net.Conn, <-chan error)

ReDial opens a tunnelled connection to the address on the named network.

Failed connections are re-dialled following the given back-off configuration. Dropped connections are immediately re-dialed.

Supported networks are "tcp", "tcp4" (IPv4-only), "tcp6" (IPv6-only), "unix", "unixgram" and "unixpacket".

func ReDialContext 

func ReDialContext(ctx context.Context, network, addr string, config *Config, backoffConfig backoff.Config) (<-chan net.Conn, <-chan error)

ReDialContext opens a tunnelled connection to the address on the named network using the provided context.

Failed connections are re-dialled following the given back-off configuration. Dropped connections are immediately re-dialed.

See func ReDial for a description of the network and address parameters.

Types

type Config 

type Config struct {
	// SSHAddr is the host:port address of the SSH server (required).
	SSHAddr string
	// SSHClient is the ssh.Client config (required).
	SSHClient *ssh.ClientConfig
	// SSHConn is a pre-existing connection to an SSH server (optional).
	SSHConn net.Conn
}

Config is an SSH tunnel configuration.

When `SSHConn` is set to a non-nil net.Conn, that connection is reused instead of opening a new one.

type ConfigAuth 

type ConfigAuth struct {
	Password *string
	SSHAgent *ConfigSSHAgent
	Keys     []KeySource
}

ConfigAuth is an authentication configuration for an SSH tunnel.

func (ConfigAuth) Methods 

func (a ConfigAuth) Methods() (out []ssh.AuthMethod, err error)

Methods returns the configured SSH auth methods.

type ConfigSSHAgent 

type ConfigSSHAgent struct {
	Addr       net.Addr
	Passphrase *[]byte
}

ConfigSSHAgent is the configuration for an ssh-agent connection.

func (ConfigSSHAgent) Keys 

func (a ConfigSSHAgent) Keys() ([]ssh.Signer, error)

Keys obtains and returns all keys from the configured ssh agent.

type DialFunc 

type DialFunc func(*ssh.Client, string) (net.Conn, error)

DialFunc is a dialler for tunneled connections.

type KeySource 

type KeySource struct {
	PEM        *[]byte
	Path       *string
	Passphrase *[]byte
	Signer     ssh.Signer
}

KeySource is the configuration of an ssh key.

Either Signer, or one of PEM and Path must be set. If PEM or Path are set and the referred key is encrypted, Passphrase must also be set.

func (KeySource) Key 

func (a KeySource) Key() (ssh.Signer, error)

Key obtains and returns the configured key.

Source Files

View all Source files

Directories

Path Synopsis
Package sshtunnel lets you dial (and re-publish locally) SSH-tunneled TCP and Unix domain socket connections using external SSH client processes.
 Package sshtunnel lets you dial (and re-publish locally) SSH-tunneled TCP and Unix domain socket connections using external SSH client processes.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.