Documentation
Types
type Connection
type Connection struct {
	LocalHost  string         `json:"localHost"`
	RemoteHost string         `json:"remoteHost"`
	RemoteUser string         `json:"remoteUser"`
	Port       uint           `json:"port"`
	ProxyJump  string         `json:"proxyJump"`
	Hash       ConnectionHash `json:"hash"` // %C - hash of connection tuple
}
Connection represents the complete tuple of SSH connection parameters. These are the same parameters that OpenSSH makes available to Match exec through the %C hash: local hostname (%l), remote hostname (%h), port (%p), remote user (%r), and ProxyJump (%j). The Hash field contains the %C hash value computed by OpenSSH from these parameters.
type ConnectionHash
type ConnectionHash string
ConnectionHash is the OpenSSH %C hash value that uniquely identifies a connection. This is computed by OpenSSH from the connection parameters (local host, remote host, port, user, ProxyJump).
type Policy
type Policy struct {
	// HostUsers maps host patterns to allowed users for that host
	// Example: {"*.example.com": ["arch", "deploy"], "prod-*": ["root"]}
	HostUsers map[string][]string `json:"hostUsers"`
}
Policy represents the policy rules for certificate usage.
func (*Policy) Matches
func (p *Policy) Matches(conn Connection) bool
Matches checks whether this policy matches the given connection's host AND user.
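A sketch of the host-AND-user check described for Matches, as an added example that is not this package's own code. The function name `allows`, the use of `path.Match` glob semantics for host patterns, the lowercase host comparison, and the exact user comparison are all assumptions; the structs copy only the documented fields the check needs.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// Connection and Policy copy only the documented fields this check needs.
type Connection struct{ RemoteHost, RemoteUser string }

type Policy struct {
	HostUsers map[string][]string
}

// allows (hypothetical name) accepts a connection only when some host
// pattern matches RemoteHost AND that same pattern's list contains
// RemoteUser. Glob matching via path.Match is an assumption.
func allows(p Policy, conn Connection) bool {
	host := strings.ToLower(conn.RemoteHost)
	if host == "" || conn.RemoteUser == "" {
		return false // fail closed on an incomplete tuple
	}
	for pattern, users := range p.HostUsers {
		ok, err := path.Match(strings.ToLower(pattern), host)
		if err != nil || !ok {
			continue // a malformed pattern never grants access
		}
		for _, u := range users {
			if u == conn.RemoteUser { // exact, case-sensitive user match
				return true
			}
		}
	}
	return false
}

func main() {
	// Constructed policy, taken from the HostUsers comment in the docs.
	p := Policy{HostUsers: map[string][]string{
		"*.example.com": {"arch", "deploy"},
		"prod-*":        {"root"},
	}}
	fmt.Println(allows(p, Connection{RemoteHost: "git.example.com", RemoteUser: "deploy"}))
	// A user allowed on one pattern is not allowed on another pattern's hosts.
	fmt.Println(allows(p, Connection{RemoteHost: "git.example.com", RemoteUser: "root"}))
}
```

The user list is looked up per matching pattern, so `root` being allowed on `prod-*` does not let `root` through on `*.example.com` hosts.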