Constants

// Exit codes returned by the executor child process (see ExecuteWithPrivilegeDrop)
// so the parent can tell executor-level failures apart from the command's own
// exit status. Non-zero values start at 10, presumably to stay clear of the
// common shell exit statuses — confirm against the parent's exit-code handling.
const (
	// ExitCodeSuccess: the executor completed without an executor-level failure.
	ExitCodeSuccess = 0
	// ExitCodePrivilegeDropFail: the executor could not drop to the target user/group.
	ExitCodePrivilegeDropFail = 10
	// ExitCodeShellExecFail: the executor could not exec the configured shell.
	ExitCodeShellExecFail = 11
	// ExitCodeValidationFail: the executor rejected its configuration.
	ExitCodeValidationFail = 12
)

Exit codes for executor process communication

// Feature names used by privilege checking. NOTE(review): these presumably are
// the values callers put in PrivilegeCheckRequest.FeatureName — confirm.
const (
	// FeatureSSHLogin represents SSH login operations for privilege checking.
	FeatureSSHLogin = "SSH login"
	// FeatureSFTP represents SFTP operations for privilege checking.
	FeatureSFTP = "SFTP"
)
const (

	// DefaultJWTMaxTokenAge is the default maximum age for JWT tokens accepted by
	// the SSH server. The value is 5 * 60 = 300; the unit is presumably seconds —
	// confirm against how JWTConfig.MaxTokenAge is applied during validation.
	DefaultJWTMaxTokenAge = 5 * 60
)
// DefaultSSHPort is the default SSH port of NetBird's embedded SSH server.
const DefaultSSHPort = 22

DefaultSSHPort is the default SSH port of NetBird's embedded SSH server

// InternalSSHPort is the port the SSH server actually listens on and to which
// connections are redirected (presumably from DefaultSSHPort — confirm).
const InternalSSHPort = 22022

InternalSSHPort is the port the SSH server listens on and to which connections are redirected

Variables

// Sentinel errors for user lookup and privileged-user policy. Compare with
// errors.Is: PrivilegedUserError and UserNotFoundError implement Is, presumably
// matching these sentinels — confirm.
var (
	// ErrPrivilegedUserDisabled is returned when login as a privileged user is
	// disabled. Its message comes from the unexported msgPrivilegedUserDisabled.
	ErrPrivilegedUserDisabled = errors.New(msgPrivilegedUserDisabled)
	// ErrUserNotFound is returned when the requested user cannot be looked up.
	ErrUserNotFound = errors.New("user not found")
)
// User-switching errors. SeAssignPrimaryTokenPrivilege is a Windows token
// privilege, so this block presumably comes from a Windows-specific build — confirm.
var (
	// ErrPrivilegeRequired is returned when the process lacks the token privilege
	// needed to switch users; NetBird must run with elevated privileges.
	ErrPrivilegeRequired = errors.New("SeAssignPrimaryTokenPrivilege required for user switching - NetBird must run with elevated privileges")
	// ErrPrivilegedUserSwitch is returned when a switch to a privileged user is
	// requested but the current user lacks the required privileges.
	ErrPrivilegedUserSwitch = errors.New("cannot switch to privileged user - current user lacks required privileges")
)

Functions

func StartTestServer

func StartTestServer(t *testing.T, server *Server) string

Types

type Config

// Config contains all SSH server configuration options; it is passed to New.
type Config struct {
	// JWT is the JWT authentication configuration. If nil, JWT authentication is disabled.
	JWT *JWTConfig

	// HostKeyPEM is the SSH server host key in PEM format. This is the server's
	// private key material: keep it out of logs and restrict read access to it.
	HostKeyPEM []byte
}

Config contains all SSH server configuration options

type ConnectionKey

// ConnectionKey uniquely identifies a port forwarding connection within a session.
type ConnectionKey string

ConnectionKey uniquely identifies a port forwarding connection within a session

type ExecutorConfig

// ExecutorConfig holds configuration for the executor process spawned by
// CreateExecutorCommand / ExecuteWithPrivilegeDrop. NOTE(review): field meanings
// below are inferred from the names and from DropPrivileges' parameters — confirm
// against ExecuteWithPrivilegeDrop.
type ExecutorConfig struct {
	// UID is the numeric user ID the executor drops to.
	UID uint32
	// GID is the primary group ID the executor drops to.
	GID uint32
	// Groups is the supplementary group list applied when dropping privileges.
	Groups []uint32
	// WorkingDir is the directory the command is started in.
	WorkingDir string
	// Shell is the shell binary used to run Command.
	Shell string
	// Command is the command line to execute (empty presumably means an
	// interactive shell — confirm).
	Command string
	// PTY reports whether the command is attached to a pseudo-terminal.
	PTY bool
}

ExecutorConfig holds configuration for the executor process

type ForwardKey

// ForwardKey uniquely identifies a port forwarding listener.
type ForwardKey string

ForwardKey uniquely identifies a port forwarding listener

type JWTConfig

// JWTConfig configures JWT authentication for the SSH server (see Config.JWT).
type JWTConfig struct {
	// Issuer is the expected token issuer (presumably matched against the iss claim — confirm).
	Issuer string
	// Audience is the expected token audience (presumably matched against the aud claim — confirm).
	Audience string
	// KeysLocation is where the token verification keys are obtained from.
	KeysLocation string
	// MaxTokenAge is the maximum accepted token age; see DefaultJWTMaxTokenAge.
	// Unit presumably seconds, and the default presumably applies when zero — confirm.
	MaxTokenAge int64
}

type PrivilegeCheckRequest

// PrivilegeCheckRequest represents a privilege check request passed to
// Server.CheckPrivileges.
type PrivilegeCheckRequest struct {
	// RequestedUsername is the username being requested (empty = current user).
	RequestedUsername string
	// FeatureSupportsUserSwitch reports whether this feature/operation supports
	// user switching.
	FeatureSupportsUserSwitch bool
	// FeatureName names the feature being checked, presumably one of
	// FeatureSSHLogin or FeatureSFTP — confirm.
	FeatureName string
}

PrivilegeCheckRequest represents a privilege check request

type PrivilegeCheckResult

// PrivilegeCheckResult represents the result of a privilege check. Callers must
// consult Allowed before using User: User is nil on denial and Error is nil on
// success.
type PrivilegeCheckResult struct {
	// Allowed indicates whether the privilege check passed
	Allowed bool
	// User is the effective user to use for the operation (nil if not allowed)
	User *user.User
	// Error contains the reason for denial (nil if allowed)
	Error error
	// UsedFallback indicates we fell back to current user instead of requested user.
	// This happens on Unix when running as an unprivileged user (e.g., in containers)
	// where there's no point in user switching since we lack privileges anyway.
	// When true, all privilege checks have already been performed and no additional
	// privilege dropping or root checks are needed - the current user is the target.
	UsedFallback bool
	// RequiresUserSwitching indicates whether user switching will actually occur
	// (false for fallback cases where no actual switching happens)
	RequiresUserSwitching bool
}

PrivilegeCheckResult represents the result of a privilege check

type PrivilegeDropper

// PrivilegeDropper handles secure privilege dropping in child processes. It
// carries no state; the zero value is usable, and NewPrivilegeDropper is provided
// for convenience.
type PrivilegeDropper struct{}

PrivilegeDropper handles secure privilege dropping in child processes

func NewPrivilegeDropper

func NewPrivilegeDropper() *PrivilegeDropper

NewPrivilegeDropper creates a new privilege dropper

func (*PrivilegeDropper) CreateExecutorCommand

func (pd *PrivilegeDropper) CreateExecutorCommand(ctx context.Context, config ExecutorConfig) (*exec.Cmd, error)

CreateExecutorCommand creates a command that spawns netbird ssh exec for privilege dropping

func (*PrivilegeDropper) DropPrivileges

func (pd *PrivilegeDropper) DropPrivileges(targetUID, targetGID uint32, supplementaryGroups []uint32) error

DropPrivileges performs privilege dropping with thread locking for security

func (*PrivilegeDropper) ExecuteWithPrivilegeDrop

func (pd *PrivilegeDropper) ExecuteWithPrivilegeDrop(ctx context.Context, config ExecutorConfig)

ExecuteWithPrivilegeDrop executes a command with privilege dropping, using exit codes to signal specific failures

type PrivilegedUserError

// PrivilegedUserError represents an error when privileged user login is disabled.
// It implements Is, presumably matching ErrPrivilegedUserDisabled — confirm.
type PrivilegedUserError struct {
	// Username is the privileged account whose login was refused.
	Username string
}

PrivilegedUserError represents an error when privileged user login is disabled

func (*PrivilegedUserError) Error

func (e *PrivilegedUserError) Error() string

func (*PrivilegedUserError) Is

func (e *PrivilegedUserError) Is(target error) bool

type Server

// Server is NetBird's embedded SSH server. Construct it with New, configure it
// with the Set* methods, then call Start; Stop closes it.
type Server struct {
	// contains filtered or unexported fields
}

func New

func New(config *Config) *Server

New creates an SSH server instance with the provided host key and optional JWT configuration. If the JWT configuration is nil, JWT authentication is disabled.

func (*Server) CheckPrivileges

func (s *Server) CheckPrivileges(req PrivilegeCheckRequest) PrivilegeCheckResult

CheckPrivileges performs comprehensive privilege checking for all SSH features. This is the single source of truth for privilege decisions across the SSH server.

func (*Server) GetStatus

func (s *Server) GetStatus() (enabled bool, sessions []SessionInfo)

GetStatus returns the current status of the SSH server and active sessions

func (*Server) SetAllowLocalPortForwarding

func (s *Server) SetAllowLocalPortForwarding(allow bool)

SetAllowLocalPortForwarding configures local port forwarding

func (*Server) SetAllowRemotePortForwarding

func (s *Server) SetAllowRemotePortForwarding(allow bool)

SetAllowRemotePortForwarding configures remote port forwarding

func (*Server) SetAllowRootLogin

func (s *Server) SetAllowRootLogin(allow bool)

SetAllowRootLogin configures root login access

func (*Server) SetAllowSFTP

func (s *Server) SetAllowSFTP(allow bool)

SetAllowSFTP enables or disables SFTP support

func (*Server) SetNetstackNet

func (s *Server) SetNetstackNet(net *netstack.Net)

SetNetstackNet sets the netstack network for userspace networking

func (*Server) SetNetworkValidation

func (s *Server) SetNetworkValidation(addr wgaddr.Address)

SetNetworkValidation configures network-based connection filtering

func (*Server) Start

func (s *Server) Start(ctx context.Context, addr netip.AddrPort) error

Start runs the SSH server

func (*Server) Stop

func (s *Server) Stop() error

Stop closes the SSH server

func (*Server) UpdateSSHAuth added in v0.61.0

func (s *Server) UpdateSSHAuth(config *sshauth.Config)

UpdateSSHAuth updates the SSH fine-grained access control configuration. This should be called when network map updates include new SSH auth configuration.

type SessionInfo

// SessionInfo contains information about an active SSH session, as reported by
// Server.GetStatus. NOTE(review): field meanings are inferred from the names — confirm.
type SessionInfo struct {
	// Username is the user the session was established for.
	Username string
	// RemoteAddress is the address of the connecting client.
	RemoteAddress string
	// Command is the command being run in the session, if any.
	Command string
	// JWTUsername is the identity carried by the JWT, presumably empty when JWT
	// authentication was not used — confirm.
	JWTUsername string
}

SessionInfo contains information about an active SSH session

type SessionKey

// SessionKey uniquely identifies an SSH session.
type SessionKey string

SessionKey uniquely identifies an SSH session

type UserNotFoundError

// UserNotFoundError represents an error when a user cannot be found. It
// implements Is (presumably matching ErrUserNotFound — confirm) and Unwrap.
type UserNotFoundError struct {
	// Username is the user that could not be found.
	Username string
	// Cause is the underlying lookup error, presumably what Unwrap returns — confirm.
	Cause error
}

UserNotFoundError represents an error when a user cannot be found

func (*UserNotFoundError) Error

func (e *UserNotFoundError) Error() string

func (*UserNotFoundError) Is

func (e *UserNotFoundError) Is(target error) bool

func (*UserNotFoundError) Unwrap

func (e *UserNotFoundError) Unwrap() error
