ssh2docker

v1.2.0
Published: Nov 22, 2015 License: MIT Imports: 17 Imported by: 2

README

ssh2docker

🔧 SSH server that creates a Docker container per connection (chroot++)

                                               +----------------+
                                               |  mycorp.biz    |
                                               |                |
+--------------+                               | +------------+ |
|              |     ssh container1@mycorp.biz | |            | |
| bobby@laptop +---------------------------------> ssh2docker | |
|              |                               | |            | |
+--------------+                               | +------+-----+ |
                  +----------------------------+        |       |
                  |                                     |       |
                  | docker exec -it container1 /bin/bash|       |
                  |                                     |       |
                  |              +----------------------v-----+ |
                  |              |    Docker                  | |
                  |              |                            | |
                  |              | +----------+ +----------+  | |
                  |              | |          | |          |  | |
                  |              | |Container1| |Container2|  | |
                  |              | |          | |          |  | |
                  |              | +----------+ +----------+  | |
                  |              +----------------------------+ |
                  +---------------------------------------------+

Usage

NAME:
   ssh2docker - SSH portal to Docker containers

USAGE:
   ssh2docker [global options] command [command options] [arguments...]

AUTHOR(S):
   Manfred Touron <https://github.com/moul/ssh2docker>

COMMANDS:
   help, h	Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --verbose, -V                Enable verbose mode
   --bind, -b ":2222"           Listen to address
   --host-key, -k "built-in"    Path or complete SSH host key to use, use 'system' for keys in /etc/ssh
   --allowed-images             List of allowed images, i.e: alpine,ubuntu:trusty,1cf3e6c
   --shell "/bin/sh"            Default shell
   --docker-run-args "-it --rm" 'docker run' arguments
   --no-join                    Do not join existing containers, always create new ones
   --clean-on-startup           Cleanup Docker containers created by ssh2docker on start
   --password-auth-script       Password auth hook file
   --publickey-auth-script    	Public-key auth hook file
   --local-user                 If setted, you can spawn a local shell (not withing docker) by SSHing to this user
   --banner                     Display a banner on connection
   --help, -h                   show help
   --version, -v                print the version

Example

Server

$ ssh2docker
INFO[0000] Listening on port 2222
INFO[0001] NewClient (0): User="alpine", ClientVersion="5353482d322e302d4f70656e5353485f362e362e317031205562756e74752d327562756e747532"
INFO[0748] NewClient (1): User="ubuntu", ClientVersion="5353482d322e302d4f70656e5353485f362e362e317031205562756e74752d327562756e747532"

Client

$ ssh localhost -p 2222 -l alpine
Host key fingerprint is 59:46:d7:cf:ca:33:be:1f:58:fd:46:c8:ca:5d:56:03
+--[ RSA 2048]----+
|          . .E   |
|         . .  o  |
|          o    +.|
|         +   . .*|
|        S    .oo=|
|           . oB+.|
|            oo.+o|
|              ...|
|              .o.|
+-----------------+

alpine@localhost's password:
/ # cat /etc/alpine-release
3.2.0
/ # ^D
$ ssh localhost -p 2222 -l ubuntu
Host key fingerprint is 59:46:d7:cf:ca:33:be:1f:58:fd:46:c8:ca:5d:56:03
+--[ RSA 2048]----+
|          . .E   |
|         . .  o  |
|          o    +.|
|         +   . .*|
|        S    .oo=|
|           . oB+.|
|            oo.+o|
|              ...|
|              .o.|
+-----------------+

ubuntu@localhost's password:
# lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 14.04.3 LTS
Release:	14.04
Codename:	trusty
# ^D
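
Added example (not part of the ssh2docker README or code): a Go parser for the NewClient lines in the Server log above. It hex-decodes ClientVersion, derives the default image name from the login name using the "_" to "/" rule listed in the v1.2.0 changelog, and checks the result against an operator allow-list. The exact-match comparison, the allow-list contents and the second log line are assumptions made for the example.

```go
package main

import (
	"encoding/hex"
	"fmt"
	"regexp"
	"strings"
)

// Session is one decoded NewClient log entry.
type Session struct {
	Idx, User string // connection index and SSH login name from the log
	Image     string // default image name derived from the login name
	Banner    string // client identification string, hex-decoded
	Allowed   bool   // Image is on the operator's allow-list
}
// Matches the NewClient lines shown in the Server log above.
var newClientRe = regexp.MustCompile(`NewClient \((\d+)\): User="([^"]*)", ClientVersion="([0-9a-fA-F]*)"`)

// ParseNewClient decodes one log line; ok is false for other lines or bad hex.
func ParseNewClient(line string, allowed []string) (s Session, ok bool) {
	m := newClientRe.FindStringSubmatch(line)
	if m == nil {
		return s, false
	}
	raw, err := hex.DecodeString(m[3])
	if err != nil {
		return s, false
	}
	// v1.2.0 changelog: "_" in the default image name is replaced by "/".
	s = Session{Idx: m[1], User: m[2], Image: strings.ReplaceAll(m[2], "_", "/"), Banner: string(raw)}
	for _, a := range allowed { // assumption: exact match on allow-list entries
		s.Allowed = s.Allowed || a == s.Image
	}
	return s, true
}

func main() {
	allowed := []string{"alpine"} // constructed allow-list
	lines := []string{ // first line is from the log above, second is constructed
		`INFO[0001] NewClient (0): User="alpine", ClientVersion="5353482d322e302d4f70656e5353485f362e362e317031205562756e74752d327562756e747532"`,
		`INFO[0002] NewClient (1): User="myorg_debian", ClientVersion="5353482d322e302d476f"`,
	}
	for _, l := range lines { // %q below keeps control bytes in a banner off the terminal
		if s, ok := ParseNewClient(l, allowed); ok {
			fmt.Printf("idx=%s user=%q image=%q allowed=%t banner=%q\n", s.Idx, s.User, s.Image, s.Allowed, s.Banner)
		}
	}
}
```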

Install

Install latest version using Golang (recommended)

$ go get github.com/moul/ssh2docker/cmd/ssh2docker

Install latest version using Homebrew (Mac OS X)

$ brew install https://raw.githubusercontent.com/moul/ssh2docker/master/contrib/homebrew/assh.rb --HEAD

or the latest released version

$ brew install https://raw.githubusercontent.com/moul/ssh2docker/master/contrib/homebrew/assh.rb

Test with Docker

You can test ssh2docker within Docker, but with some limitations, e.g. it cannot run with boot2docker.

Here is an example of how to run ssh2docker inside Docker:

$ docker run --privileged -v /var/lib/docker:/var/lib/docker -it --rm -p 2222:2222 moul/ssh2docker

Changelog

v1.2.0 (2015-11-22)
  • Support of --host-key=system to use OpenSSH keys (#45)
  • Support of custom entrypoint (#63)
  • Support of public-key authentication (#2)
  • Handling custom environment variables, user and command in password script (#57)
  • Replacing "_" by "/" on default image name to handle ControlMaster on clients
  • Support of --banner option (#26)
  • Add a not-yet-implemented warning for exec (#51)
  • Support of --local-user option, to allow a specific user to be a local shell (#44)
  • Kill connection when exiting shell (ctrl+D) (#43)

v1.1.0 (2015-10-07)
  • Fix runtime error on Linux (#38)
  • Initial version of the native Scaleway support (#36)
  • Support of 'ssh2docker --password-auth-script' options (#28)
  • Add docker support (#17)
  • Add GOXC support to build binaries for multiple architectures (#18)
  • Support of 'ssh2docker --clean-on-startup' (#23)
  • Add homebrew support (#16)
  • Add Changelog (#19)

v1.0.1 (2015-09-27)
  • Using party to manage dependencies

v1.0.0 (2015-09-27)

Initial release

Features
  • Basic logging
  • Handling environment-variable requests
  • Support of --allowed-images option (#4)
  • Ability to configure docker run arguments (#13)
  • Reconnecting to existing containers (#14)
  • Support of --no-join option (#6)

License

MIT

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DockerCleanup added in v1.1.0

func DockerCleanup() error

DockerCleanup cleans all containers created by ssh2docker

func DockerKill added in v1.1.0

func DockerKill(containerID string) error

DockerKill kills a container

func DockerListContainers added in v1.1.0

func DockerListContainers(all bool) ([]string, error)

DockerListContainers lists containers created by ssh2docker

func DockerRemove added in v1.1.0

func DockerRemove(containerID string) error

DockerRemove removes a container

func SetWinsize

func SetWinsize(fd uintptr, w, h uint32)

Types

type Client

type Client struct {
	Idx        int
	ChannelIdx int
	Conn       *ssh.ServerConn
	Chans      <-chan ssh.NewChannel
	Reqs       <-chan *ssh.Request
	Server     *Server
	Pty, Tty   *os.File
	Config     *ClientConfig
	ClientID   string
}

Client is one client connection

func NewClient

func NewClient(conn *ssh.ServerConn, chans <-chan ssh.NewChannel, reqs <-chan *ssh.Request, server *Server) *Client

NewClient initializes a new client

func (*Client) HandleChannel

func (c *Client) HandleChannel(newChannel ssh.NewChannel) error

HandleChannel handles one SSH channel

func (*Client) HandleChannelRequests

func (c *Client) HandleChannelRequests(channel ssh.Channel, requests <-chan *ssh.Request)

HandleChannelRequests handles channel requests

func (*Client) HandleChannels

func (c *Client) HandleChannels() error

HandleChannels handles SSH channels

func (*Client) HandleRequests

func (c *Client) HandleRequests() error

HandleRequests handles SSH requests

type ClientConfig added in v1.1.0

type ClientConfig struct {
	ImageName  string      `json:"image-name",omitempty`
	RemoteUser string      `json:"remote-user",omitempty`
	Allowed    bool        `json:"allowed",omitempty`
	Env        Environment `json:"env",omitempty`
	IsLocal    bool        `json:"is_local",omitempty`
	Command    []string    `json:"command",omitempty`
	User       string      `json:"user",omitempty`
	Keys       []string    `json:"keys",omitempty`
	EntryPoint string      `json:"entrypoint",omitempty`
}

type Environment

type Environment map[string]string

func (*Environment) ApplyDefaults added in v1.2.0

func (e *Environment) ApplyDefaults()

func (*Environment) List

func (e *Environment) List() []string

type Server

type Server struct {
	SshConfig *ssh.ServerConfig
	// Clients   map[string]Client
	ClientConfigs map[string]*ClientConfig

	AllowedImages       []string
	DefaultShell        string
	DockerRunArgs       []string
	NoJoin              bool
	CleanOnStartup      bool
	PasswordAuthScript  string
	PublicKeyAuthScript string
	LocalUser           string
	Banner              string
	// contains filtered or unexported fields
}

Server is the ssh2docker main structure

func NewServer

func NewServer() (*Server, error)

NewServer initializes a new Server instance with default values

func (*Server) AddHostKey

func (s *Server) AddHostKey(keystring string) error

AddHostKey parses/loads an ssh key and registers it to the server

func (*Server) CheckConfig added in v1.2.0

func (s *Server) CheckConfig(config *ClientConfig) error

CheckConfig checks if the ClientConfig has access

func (*Server) Handle

func (s *Server) Handle(netConn net.Conn) error

Handle is the SSH client entrypoint; it takes a net.Conn instance and handles all the SSH and ssh2docker processing for that connection

func (*Server) Init added in v1.1.0

func (s *Server) Init() error

Init initializes server

func (*Server) KeyboardInteractiveCallback added in v1.2.0

func (s *Server) KeyboardInteractiveCallback(conn ssh.ConnMetadata, challenge ssh.KeyboardInteractiveChallenge) (*ssh.Permissions, error)

KeyboardInteractiveCallback is called after PublicKeyCallback

func (*Server) PasswordCallback

func (s *Server) PasswordCallback(conn ssh.ConnMetadata, password []byte) (*ssh.Permissions, error)

PasswordCallback is called when the user tries to authenticate using a password

func (*Server) PublicKeyCallback added in v1.2.0

func (s *Server) PublicKeyCallback(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error)

PublicKeyCallback is called when the user tries to authenticate using an SSH public key

type Winsize

type Winsize struct {
	Height uint16
	Width  uint16
	// contains filtered or unexported fields
}

Directories

Path Synopsis
cmd
