helper

package
v0.2.1 Latest
Warning

This package is not in the latest version of its module.

Published: Dec 15, 2020 License: MPL-2.0 Imports: 6 Imported by: 1

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

func VerifyOTP

func VerifyOTP(req *SSHVerifyRequest) error

Reads the OTP from the prompt and sends it to the Vault server. The server searches for an entry corresponding to the OTP. If one exists, it responds with the IP address and username associated with it. The returned username should match the username for which authentication is requested (the environment variable PAM_USER holds this value).

The IP address returned by Vault should match the address of a network interface, or it should belong to the list of allowed CIDR blocks in the config file.

This method is also used to verify that communication between ssh-helper and the Vault server can be established with the given configuration data. If the OTP in the request matches the echo request message, the echo response message is expected in the response, which indicates that the connection was established successfully.
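The username and IP checks described above, written out as an added example; this is not the package's own code. The `otpEntry` type, the `checkEntry` function and the comma-separated CIDR format are assumptions, and all addresses are constructed sample data.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"strings"
)

// otpEntry holds the two fields the server returns for a known OTP.
// Hypothetical type, not the Vault API response struct.
type otpEntry struct{ Username, IP string }

// checkEntry applies the username and IP checks described above.
// hostIPs stands in for the host's interface addresses (a real caller
// could collect them with net.InterfaceAddrs); allowedCIDRs is a
// comma-separated list, an assumed format for the config value.
func checkEntry(e otpEntry, pamUser string, hostIPs []net.IP, allowedCIDRs string) error {
	// Fail closed on an empty PAM_USER so "" never matches "".
	if pamUser == "" || e.Username != pamUser {
		return fmt.Errorf("username mismatch: requested %q, OTP issued for %q", pamUser, e.Username)
	}
	ip := net.ParseIP(e.IP)
	if ip == nil {
		return fmt.Errorf("server returned unparsable IP %q", e.IP)
	}
	for _, h := range hostIPs {
		if h.Equal(ip) {
			return nil // OTP was issued for this host
		}
	}
	for _, c := range strings.Split(allowedCIDRs, ",") {
		if c = strings.TrimSpace(c); c == "" {
			continue
		}
		_, block, err := net.ParseCIDR(c)
		if err != nil {
			return fmt.Errorf("invalid CIDR %q in config: %w", c, err) // fail closed
		}
		if block.Contains(ip) {
			return nil
		}
	}
	return errors.New("OTP was issued for a different host: IP matches no interface or allowed CIDR")
}

func main() {
	host := []net.IP{net.ParseIP("10.0.0.5")} // constructed sample data
	fmt.Println(checkEntry(otpEntry{"alice", "10.0.0.5"}, "alice", host, ""))
	fmt.Println(checkEntry(otpEntry{"alice", "192.168.7.9"}, "alice", host, "192.168.0.0/16"))
	fmt.Println(checkEntry(otpEntry{"alice", "10.0.0.5"}, "root", host, ""))
	fmt.Println(checkEntry(otpEntry{"alice", "172.16.1.1"}, "alice", host, "192.168.0.0/16"))
}
```

The first two calls return nil; the last two return errors because the OTP was issued for another user or another host.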

Types

type SSHVerifyRequest

type SSHVerifyRequest struct {
	// HTTP client to communicate with Vault
	Client *api.Client

	// Mount point of SSH backend at Vault
	MountPoint string

	// This can be either an echo request message, in which case Vault
	// responds with the echo response message, or the one-time password
	// entered by the user at the prompt.
	OTP string

	// Structure containing configuration parameters of ssh-helper
	Config *api.SSHHelperConfig
}

Structure representing the ssh-helper's verification request.
