ssh

package
v0.61.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 3, 2026 License: BSD-3-Clause Imports: 19 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	NetBirdSSHConfigFile = "99-netbird.conf"

	UnixSSHConfigDir    = "/etc/ssh/ssh_config.d"
	WindowsSSHConfigDir = "ssh/ssh_config.d"
)
View Source 
const RSAKeySize = 2048

RSAKeySize is a size of newly generated RSA key

Variables

View Source 
var (
	// ErrPeerNotFound indicates the peer was not found in the network
	ErrPeerNotFound = errors.New("peer not found in network")
	// ErrNoStoredKey indicates the peer has no stored SSH host key
	ErrNoStoredKey = errors.New("peer has no stored SSH host key")
)

Functions

func AddJWTAuth added in v0.60.0 

func AddJWTAuth(config *ssh.ClientConfig, jwtToken string) *ssh.ClientConfig

AddJWTAuth prepends JWT password authentication to existing auth methods. This ensures JWT auth is tried first while preserving any existing auth methods.

func CreateHostKeyCallback added in v0.60.0 

func CreateHostKeyCallback(verifier HostKeyVerifier) ssh.HostKeyCallback

CreateHostKeyCallback creates an SSH host key verification callback using the provided verifier. It tries multiple addresses (hostname, IP) for the peer before failing.

func EncodePrivateKeyToPEM 

func EncodePrivateKeyToPEM(privateKey crypto.Signer) ([]byte, error)

EncodePrivateKeyToPEM encodes a private key to PEM format.

func GeneratePrivateKey 

func GeneratePrivateKey(keyType KeyType) ([]byte, error)

GeneratePrivateKey creates a private key of the specified type.

func GeneratePublicKey 

func GeneratePublicKey(key []byte) ([]byte, error)

GeneratePublicKey returns the public part of the private key.

func RequestJWTToken added in v0.60.0 

func RequestJWTToken(ctx context.Context, client proto.DaemonServiceClient, stdout, stderr io.Writer, useCache bool, hint string, openBrowser func(string) error) (string, error)

RequestJWTToken requests or retrieves a JWT token for SSH authentication

func VerifyHostKey added in v0.60.0 

func VerifyHostKey(storedKeyData []byte, presentedKey []byte, peerAddress string) error

VerifyHostKey verifies an SSH host key against stored peer key data. Returns nil only if the presented key matches the stored key. Returns ErrNoStoredKey if storedKeyData is empty. Returns an error if the keys don't match or if parsing fails.

Types

type DaemonHostKeyVerifier added in v0.60.0 

type DaemonHostKeyVerifier struct {
	// contains filtered or unexported fields
}

DaemonHostKeyVerifier implements HostKeyVerifier using the NetBird daemon

func NewDaemonHostKeyVerifier added in v0.60.0 

func NewDaemonHostKeyVerifier(client proto.DaemonServiceClient) *DaemonHostKeyVerifier

NewDaemonHostKeyVerifier creates a new daemon-based host key verifier

func (*DaemonHostKeyVerifier) VerifySSHHostKey added in v0.60.0 

func (d *DaemonHostKeyVerifier) VerifySSHHostKey(peerAddress string, presentedKey []byte) error

VerifySSHHostKey verifies an SSH host key by querying the NetBird daemon

type HostKeyVerifier added in v0.60.0 

type HostKeyVerifier interface {
	VerifySSHHostKey(peerAddress string, key []byte) error
}

HostKeyVerifier provides SSH host key verification

type KeyType 

type KeyType string

KeyType is a type of SSH key 

const ECDSA KeyType = "ecdsa"

ECDSA is key of type ecdsa 

const ED25519 KeyType = "ed25519"

ED25519 is key of type ed25519 

const RSA KeyType = "rsa"

RSA is key of type rsa

Source Files

View all Source files

Directories

Path Synopsis
winpty

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.