sshd

v0.2.1

This package is not in the latest version of its module.

Published: Apr 14, 2021 License: MIT Imports: 17 Imported by: 0

README

go-sshd

An sshd written in Go. Forked from github.com/jpillora/go-and-ssh. The only supported request types are exec, shell, pty-req, window-change, and the sftp subsystem.

This sshd is NOT production ready. I use this sshd for testing purposes only.

Example usage

Run the example server.

Get the source.

go get github.com/hnakamur/go-sshd
cd $GOPATH/src/github.com/hnakamur/go-sshd/example

Generate the server host key.

ssh-keygen -t rsa -b 2048 -f id_rsa -N ''

Run the server at the address 127.0.0.1:2022.

go run main.go

Run a ssh client

Run a ssh client. You can see the password in the example source.

$ ssh -o UserKnownHostsFile=/dev/null -p 2022 foo@127.0.0.1
The authenticity of host '[127.0.0.1]:2022 ([127.0.0.1]:2022)' can't be established.
RSA key fingerprint is SHA256:wr...(masked)...wc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[127.0.0.1]:2022' (RSA) to the list of known hosts.
foo@127.0.0.1's password:
$ ls
id_rsa  id_rsa.pub  main.go
$ exit
exit
Connection to 127.0.0.1 closed.

License

MIT

Documentation

Overview

Package sshd provides a subset of the ssh server protocol. The only supported request types are exec, shell, pty-req, window-change, and the sftp subsystem.

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server is the sshd server.

func NewServer

func NewServer(shellPath string, config *ssh.ServerConfig, logger *log.Logger) *Server

NewServer creates an sshd server. The shellPath is the path of the shell (e.g., "bash"). You can pass nil as logger if you want to disable log output.

func (*Server) Close

func (s *Server) Close() error

Close stops the server.

func (*Server) ListenAndServe

func (s *Server) ListenAndServe(addr string) error

ListenAndServe lets the server listen and serve.

Example
package main

import (
	"flag"
	"fmt"
	"io/ioutil"
	"log"
	"os"

	sshd "github.com/hnakamur/go-sshd"
	"golang.org/x/crypto/ssh"
)

func main() {
	var (
		address     = flag.String("address", "127.0.0.1:2022", "listen address")
		hostKeyPath = flag.String("host-key", "id_rsa", "the path of the host private key")
		user        = flag.String("user", "foo", "user name")
		password    = flag.String("password", "bar", "user password")
		shell       = flag.String("shell", "bash", "path of shell")
	)
	flag.Parse()

	// In the latest version of crypto/ssh (after Go 1.3), the SSH server type has been removed
	// in favour of an SSH connection type. A ssh.ServerConn is created by passing an existing
	// net.Conn and a ssh.ServerConfig to ssh.NewServerConn, in effect, upgrading the net.Conn
	// into an ssh.ServerConn

	config := &ssh.ServerConfig{
		//Define a function to run when a client attempts a password login
		PasswordCallback: func(c ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) {
			// Should use constant-time compare (or better, salt+hash) in a production setting.
			if c.User() == *user && string(pass) == *password {
				return nil, nil
			}
			return nil, fmt.Errorf("password rejected for %q", c.User())
		},
		// You may also explicitly allow anonymous client authentication, though anon bash
		// sessions may not be a wise idea
		// NoClientAuth: true,
	}

	privateBytes, err := ioutil.ReadFile(*hostKeyPath)
	if err != nil {
		log.Fatalf("Failed to load private key (%s); %s", *hostKeyPath, err)
	}

	private, err := ssh.ParsePrivateKey(privateBytes)
	if err != nil {
		log.Fatalf("Failed to parse private key; %s", err)
	}

	config.AddHostKey(private)

	server := sshd.NewServer(*shell, config, log.New(os.Stdout, "", 0))
	err = server.ListenAndServe(*address)
	if err != nil {
		log.Fatalf("Failed to listen and serve; %s", err)
	}
}
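
The comment in the PasswordCallback above says a production setting should use a constant-time compare or, better, salt+hash. One way to do both, as an added example that is not part of go-sshd: `credential`, `saltedDigest`, `newCredential`, `decoy` and `verify` are hypothetical names, and SHA-256 stands in for a slow password KDF so the block needs only the standard library.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// credential holds a random per-user salt and the salted digest, never the password.
// Assumption: SHA-256 stands in for a slow KDF (bcrypt, argon2) to stay stdlib-only.
type credential struct {
	salt   [16]byte
	digest [sha256.Size]byte
}

func saltedDigest(salt [16]byte, pass []byte) [sha256.Size]byte {
	return sha256.Sum256(append(salt[:], pass...))
}

func newCredential(pass []byte) (c credential) {
	if _, err := rand.Read(c.salt[:]); err != nil {
		panic(err) // no entropy: refuse to create a credential
	}
	c.digest = saltedDigest(c.salt, pass)
	return c
}

var errRejected = fmt.Errorf("password rejected")
// decoy is checked for unknown users so both paths hash and compare once.
var decoy = newCredential([]byte("constructed-decoy"))

// verify (hypothetical) is meant to be called from the page's PasswordCallback as
// verify(users, c.User(), pass); it returns nil only for a known user and matching password.
func verify(users map[string]credential, user string, pass []byte) error {
	cred, known := users[user]
	if !known {
		cred = decoy
	}
	got := saltedDigest(cred.salt, pass)
	if subtle.ConstantTimeCompare(got[:], cred.digest[:]) == 1 && known {
		return nil
	}
	return errRejected
}

func main() {
	users := map[string]credential{"foo": newCredential([]byte("bar"))} // constructed sample
	fmt.Println(verify(users, "foo", []byte("bar")), verify(users, "foo", []byte("baz")))
}
```

Because the compared values are fixed-length digests, the comparison time does not depend on the password's length or on where the first mismatching byte falls.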

func (*Server) Serve

func (s *Server) Serve(l net.Listener) error

Serve lets the server accept incoming connections and handle them.

type ShellFile

type ShellFile struct {
	// contains filtered or unexported fields
}
