# README
gliderlabs/ssh
The Glider Labs SSH server package is dope. —@bradfitz, Go team member
This Go package wraps the crypto/ssh package with a higher-level API for building SSH servers. The goal of the API was to make it as simple as using net/http, so the API is very similar:
package main
import (
"github.com/gliderlabs/ssh"
"io"
"log"
)
func main() {
ssh.Handle(func(s ssh.Session) {
io.WriteString(s, "Hello world\n")
})
log.Fatal(ssh.ListenAndServe(":2222", nil))
}
This package was built by @progrium after working on nearly a dozen projects at Glider Labs using SSH and collaborating with @shazow (known for ssh-chat).
Examples
A bunch of great examples are in the _examples directory.
Usage
Contributing
Pull requests are welcome! However, since this project is very much about API design, please submit API changes as issues to discuss before submitting PRs.
Also, you can join our Slack to discuss as well.
Roadmap
- Non-session channel handlers
- Cleanup callback API
- 1.0 release
- High-level client?
Sponsors
Become a sponsor and get your logo on our README on Github with a link to your site. [Become a sponsor]
License
# Functions
AgentRequested returns true if the client requested agent forwarding.
DirectTCPIPHandler can be enabled by adding it to the server's ChannelHandlers under direct-tcpip.
ForwardAgentConnections takes connections from a listener to proxy into the session on the OpenSSH channel for agent connections.
Handle registers the handler as the DefaultHandler.
HostKeyFile returns a functional option that adds HostSigners to the server from a PEM file at filepath.
HostKeyPEM returns a functional option that adds HostSigners to the server from a PEM file as bytes.
KeysEqual is constant time compare of the keys to avoid timing attacks.
ListenAndServe listens on the TCP network address addr and then calls Serve with handler to handle sessions on incoming connections.
NewAgentListener sets up a temporary Unix socket that can be communicated to the session environment and used for forwarding connections.
NoPty returns a functional option that sets PtyCallback to return false, denying PTY requests.
ParseAuthorizedKey parses a public key from an authorized_keys file used in OpenSSH according to the sshd(8) manual page.
ParsePublicKey parses an SSH public key formatted for use in the SSH wire protocol according to RFC 4253, section 6.6.
PasswordAuth returns a functional option that sets PasswordHandler on the server.
PublicKeyAuth returns a functional option that sets PublicKeyHandler on the server.
Serve accepts incoming SSH connections on the listener l, creating a new connection goroutine for each.
SetAgentRequested sets up the session context so that AgentRequested returns true.
WrapConn returns a functional option that sets ConnCallback on the server.
# Constants
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
POSIX signals as listed in RFC 4254 Section 6.10.
# Variables
ContextKeyClientVersion is a context key for use with Contexts in this package.
ContextKeyConn is a context key for use with Contexts in this package.
ContextKeyLocalAddr is a context key for use with Contexts in this package.
ContextKeyPermissions is a context key for use with Contexts in this package.
ContextKeyPublicKey is a context key for use with Contexts in this package.
ContextKeyRemoteAddr is a context key for use with Contexts in this package.
ContextKeyServer is a context key for use with Contexts in this package.
ContextKeyServerVersion is a context key for use with Contexts in this package.
ContextKeySessionID is a context key for use with Contexts in this package.
ContextKeyUser is a context key for use with Contexts in this package.
DefaultHandler is the default Handler used by Serve.
ErrServerClosed is returned by the Server's Serve, ListenAndServe, and ListenAndServeTLS methods after a call to Shutdown or Close.
# Structs
ForwardedTCPHandler can be enabled by creating a ForwardedTCPHandler and adding the HandleSSHRequest callback to the server's RequestHandlers under tcpip-forward and cancel-tcpip-forward.
The Permissions type holds fine-grained permissions that are specific to a user or a specific authentication method for a user.
Pty represents a PTY request and configuration.
Server defines parameters for running an SSH server.
Window represents the size of a PTY window.
# Interfaces
Context is a package specific context interface.
PublicKey is an abstraction of different types of public keys.
Session provides access to information about an SSH session and methods to read and write to the SSH channel with an embedded Channel interface from crypto/ssh.
A Signer can create signatures that verify against a public key.
# Type aliases
BannerHandler is a callback for displaying the server banner.
ConnCallback is a hook for new connections before handling.
ConnectionFailedCallback is a hook for reporting failed connections Please note: the net.Conn is likely to be closed at this point.
Handler is a callback for handling established SSH sessions.
KeyboardInteractiveHandler is a callback for performing keyboard-interactive authentication.
LocalPortForwardingCallback is a hook for allowing port forwarding.
Option is a functional option handler for Server.
PasswordHandler is a callback for performing password authentication.
PtyCallback is a hook for allowing PTY sessions.
PublicKeyHandler is a callback for performing public key authentication.
ReversePortForwardingCallback is a hook for allowing reverse port forwarding.
ServerConfigCallback is a hook for creating custom default server configs.
SessionRequestCallback is a callback for allowing or denying SSH sessions.