| /* Copyright (c) 2020 Bram Vandenbogaerde |
| * You may use, distribute or modify this code under the |
| * terms of the Mozilla Public License 2.0, which is distributed |
| * along with the source code. |
| */ |
| package auth |
| |
| import ( |
| "io/ioutil" |
| "net" |
| "os" |
| |
| "golang.org/x/crypto/ssh" |
| "golang.org/x/crypto/ssh/agent" |
| ) |
| |
| // PrivateKey Loads a private and public key from "path" and returns a SSH ClientConfig to authenticate with the server |
| func PrivateKey(username string, path string, keyCallBack ssh.HostKeyCallback) (ssh.ClientConfig, error) { |
| privateKey, err := ioutil.ReadFile(path) |
| |
| if err != nil { |
| return ssh.ClientConfig{}, err |
| } |
| |
| signer, err := ssh.ParsePrivateKey(privateKey) |
| |
| if err != nil { |
| return ssh.ClientConfig{}, err |
| } |
| |
| return ssh.ClientConfig{ |
| User: username, |
| Auth: []ssh.AuthMethod{ |
| ssh.PublicKeys(signer), |
| }, |
| HostKeyCallback: keyCallBack, |
| }, nil |
| } |
| |
| // Creates the configuration for a client that authenticates with a password protected private key |
| func PrivateKeyWithPassphrase(username string, passpharase []byte, path string, keyCallBack ssh.HostKeyCallback) (ssh.ClientConfig, error) { |
| privateKey, err := ioutil.ReadFile(path) |
| |
| if err != nil { |
| return ssh.ClientConfig{}, err |
| } |
| signer, err := ssh.ParsePrivateKeyWithPassphrase(privateKey, passpharase) |
| |
| if err != nil { |
| return ssh.ClientConfig{}, err |
| } |
| |
| return ssh.ClientConfig{ |
| User: username, |
| Auth: []ssh.AuthMethod{ |
| ssh.PublicKeys(signer), |
| }, |
| HostKeyCallback: keyCallBack, |
| }, nil |
| } |
| |
| // Creates a configuration for a client that fetches public-private key from the SSH agent for authentication |
| func SshAgent(username string, keyCallBack ssh.HostKeyCallback) (ssh.ClientConfig, error) { |
| socket := os.Getenv("SSH_AUTH_SOCK") |
| conn, err := net.Dial("unix", socket) |
| if err != nil { |
| return ssh.ClientConfig{}, err |
| } |
| |
| agentClient := agent.NewClient(conn) |
| return ssh.ClientConfig{ |
| User: username, |
| Auth: []ssh.AuthMethod{ |
| ssh.PublicKeysCallback(agentClient.Signers), |
| }, |
| HostKeyCallback: keyCallBack, |
| }, nil |
| } |
| |
| // Creates a configuration for a client that authenticates using username and password |
| func PasswordKey(username string, password string, keyCallBack ssh.HostKeyCallback) (ssh.ClientConfig, error) { |
| |
| return ssh.ClientConfig{ |
| User: username, |
| Auth: []ssh.AuthMethod{ |
| ssh.Password(password), |
| }, |
| HostKeyCallback: keyCallBack, |
| }, nil |
| } |