ConnectSshAgent

blacknon · abakum · Nov 21, 2023 · Nov 21, 2023 · Nov 23, 2023 · Nov 23, 2023
commit 94166c55c9829068c3d660ab27bcfdef543b8283
diff --git a/README.md b/README.md
@@ -64,7 +64,7 @@ If use **pkcs11** authentication, cgo must be enabled.
         // Create ssh.AuthMethod
         authMethod := sshlib.CreateAuthMethodPassword(password)
 
-        // If you use ssh-agent forwarding, uncomment it.
+        // If you use ssh-agent, uncomment it.
         // con.ConnectSshAgent()
 
         // Connect ssh server

diff --git a/_example/example_shell_agent.go → _example/example_cmdshell_agent.go b/_example/example_shell_agent.go → _example/example_cmdshell_agent.go
@@ -13,24 +13,26 @@ import (
 	"os"
 
 	"github.com/abakum/go-sshlib"
-	"golang.org/x/crypto/ssh"
 )
 
 var (
 	// dropbear on linux
-	// host = "10.161.115.160"
-	// port = "22"
-	// user = "root"
+	// host    = "10.161.115.160"
+	// port    = "22"
+	// user    = "root"
+	// command = "ssh [email protected]"
 
 	// sshd of OpenSSH on Windows
-	host = "10.161.115.189"
-	port = "22"
-	user = "user_"
+	// host    = "10.161.115.189"
+	// port    = "22"
+	// user    = "user_"
+	// command = "ssh [email protected]"
 
 	// sshd of gliderlabs on Windows
-	// host = "10.161.115.189"
-	// port = "2222"
-	// user = "user_"
+	host    = "10.161.115.189"
+	port    = "2222"
+	user    = "user_"
+	command = "ssh [email protected]"
 )
 
 func main() {
@@ -39,22 +41,17 @@ func main() {
 		// If you use x11 forwarding, please uncomment next line.
 		// ForwardX11: true,
 
-		// If you use ssh-agent forwarding, uncomment next line.
+		// If you use ssh-agent forwarding, please set to true.
+		// And after, run `con.ConnectSshAgent()`.
 		ForwardAgent: true,
-
-		// If you use ssh-agent forwarding, and not use sshlib.CreateAuthMethodAgent(con), uncomment next line.
-		// Agent:        sshlib.ConnectSshAgent(),
 	}
 
-	// Create ssh.AuthMethods
-	authMethod, err := sshlib.CreateAuthMethodAgent(con)
-	if err != nil {
-		fmt.Println(err)
-		os.Exit(1)
-	}
+	// setup con.Agent for use ssh-agent
+	con.ConnectSshAgent()
 
 	// Connect ssh server
-	err = con.CreateClient(host, port, user, []ssh.AuthMethod{authMethod})
+	// set authMethods to nil for use ssh-agent
+	err := con.CreateClient(host, port, user, nil)
 	if err != nil {
 		fmt.Println(err)
 		os.Exit(1)
@@ -67,6 +64,6 @@ func main() {
 		os.Exit(1)
 	}
 
-	// Start ssh shell
-	con.Shell(session)
+	// Start ssh shell with command
+	con.CmdShell(session, command)
 }
diff --git a/_example/example_multiproxy_shell.go b/_example/example_multiproxy_shell.go
@@ -15,7 +15,7 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/abakum/go-sshlib
+	"github.com/abakum/go-sshlib"
 	"golang.org/x/crypto/ssh"
 )
 

diff --git a/_example/example_portforward_shell.go b/_example/example_portforward_shell.go
@@ -13,7 +13,7 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/abakum/go-sshlib
+	"github.com/abakum/go-sshlib"
 	"golang.org/x/crypto/ssh"
 )
 

diff --git a/_example/example_proxycmd_shell.go b/_example/example_proxycmd_shell.go
@@ -15,7 +15,7 @@ import (
 	"fmt"
 	"os"
 
-	 "github.com/abakum/go-sshlib
+	"github.com/abakum/go-sshlib"
 	"golang.org/x/crypto/ssh"
 )
 

diff --git a/_example/example_reverse_dynamic_forward_shell.go b/_example/example_reverse_dynamic_forward_shell.go
@@ -13,7 +13,7 @@ import (
 	"fmt"
 	"os"
 
-	 "github.com/abakum/go-sshlib
+	"github.com/abakum/go-sshlib"
 	"golang.org/x/crypto/ssh"
 )
 

diff --git a/_example/example_shell_password.go b/_example/example_shell_password.go
@@ -13,14 +13,17 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/abakum/go-sshlib
+	"github.com/abakum/go-sshlib"
 	"golang.org/x/crypto/ssh"
 )
 
 var (
-	host     = "target.com"
+	// host     = "10.161.115.160"
+	// port     = "22"
+	// user     = "root"
+	host     = "10.161.115.189"
 	port     = "22"
-	user     = "user"
+	user     = "user_"
 	password = "password"
 
 	termlog = "./test_termlog"
@@ -40,8 +43,8 @@ func main() {
 	// Create ssh.AuthMethod
 	authMethod := sshlib.CreateAuthMethodPassword(password)
 
-	// If you use ssh-agent forwarding, uncomment it.
-	// con.ConnectSshAgent()
+	// If you use ssh-agent, uncomment it.
+	con.ConnectSshAgent()
 
 	// Connect ssh server
 	err := con.CreateClient(host, port, user, []ssh.AuthMethod{authMethod})
@@ -51,7 +54,8 @@ func main() {
 	}
 
 	// Set terminal log
-	con.SetLog(termlog, false)
+	// con.SetLog(termlog, true)
+	con.SetLogWithRemoveAnsiCode(termlog, false)
 
 	// Create Session
 	session, err := con.CreateSession()

diff --git a/_example/example_shell_pkcs11.go b/_example/example_shell_pkcs11.go
@@ -13,7 +13,7 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/abakum/go-sshlib
+	"github.com/abakum/go-sshlib"
 )
 
 var (
@@ -34,17 +34,17 @@ func main() {
 	}
 
 	// Create ssh.AuthMethod
-	authMethod, err := sshlib.CreateAuthMethodPKCS11("/usr/local/opt/opensc/lib/opensc-pkcs11.so", "")
+	authMethods, err := sshlib.CreateAuthMethodPKCS11("/usr/local/opt/opensc/lib/opensc-pkcs11.so", "")
 	if err != nil {
 		fmt.Println(err)
 		os.Exit(1)
 	}
 
-	// If you use ssh-agent forwarding, uncomment it.
+	// If you use ssh-agent, uncomment it.
 	con.ConnectSshAgent()
 
 	// Connect ssh server
-	err = con.CreateClient(host, port, user, authMethod)
+	err = con.CreateClient(host, port, user, authMethods)
 	if err != nil {
 		fmt.Println(err)
 		os.Exit(1)

diff --git a/_example/example_shell_pubkey.go b/_example/example_shell_pubkey.go
@@ -13,7 +13,7 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/abakum/go-sshlib
+	"github.com/abakum/go-sshlib"
 	"golang.org/x/crypto/ssh"
 )
 
@@ -45,7 +45,7 @@ func main() {
 		os.Exit(1)
 	}
 
-	// If you use ssh-agent forwarding, uncomment it.
+	// If you use ssh-agent, uncomment it.
 	// con.ConnectSshAgent()
 
 	// Connect ssh server

diff --git a/agent.go b/agent.go
@@ -12,7 +12,7 @@ import (
 // AgentInterface Interface for storing agent.Agent or agent.ExtendedAgent.
 type AgentInterface interface{}
 
-// AddKeySshAgent is rapper agent.Add().
+// AddKeySshAgent is wrapper agent.Add().
 // key must be a *rsa.PrivateKey, *dsa.PrivateKey or
 // *ecdsa.PrivateKey, which will be inserted into the agent.
 //
@@ -44,3 +44,33 @@ func (c *Connect) ForwardSshAgent(session *ssh.Session) {
 
 	agent.RequestAgentForwarding(session)
 }
+
+func (c *Connect) ConnectSshAgent() {
+	sock, err := NewConn()
+
+	if err != nil {
+		c.Agent = agent.NewKeyring()
+	} else {
+		defer sock.Close()
+		c.Agent = agent.NewClient(sock)
+	}
+}
+
+/*
+IdentityAgent
+         Specifies the UNIX-domain socket used to communicate with the
+         authentication agent.
+
+         This option overrides the SSH_AUTH_SOCK environment variable and
+         can be used to select a specific agent.  Setting the socket name
+         to none disables the use of an authentication agent.  If the
+         string "SSH_AUTH_SOCK" is specified, the location of the socket
+         will be read from the SSH_AUTH_SOCK environment variable.
+         Otherwise if the specified value begins with a ‘$’ character,
+         then it will be treated as an environment variable containing the
+         location of the socket.
+
+         Arguments to IdentityAgent may use the tilde syntax to refer to a
+         user's home directory or the tokens described in the TOKENS
+         section.
+*/
diff --git a/agent_unix.go b/agent_unix.go
@@ -9,22 +9,12 @@ package sshlib
 import (
 	"net"
 	"os"
-
-	"golang.org/x/crypto/ssh/agent"
 )
 
-// ConnectSshAgent
-func ConnectSshAgent() (ag AgentInterface) {
+func NewConn() (sock net.Conn, err error) {
 	// Get env "SSH_AUTH_SOCK" and connect.
-	sockPath := os.Getenv("SSH_AUTH_SOCK")
-	sock, err := net.Dial("unix", sockPath)
-
-	if err != nil {
-		ag = agent.NewKeyring()
-	} else {
-		// connect SSH_AUTH_SOCK
-		ag = agent.NewClient(sock)
-	}
+	IdentityAgent := os.Getenv("SSH_AUTH_SOCK")
+	sock, err := net.Dial("unix", IdentityAgent)
 
 	return
 }
diff --git a/agent_windows.go b/agent_windows.go
@@ -13,48 +13,35 @@ import (
 
 	"github.com/Microsoft/go-winio"
 	"github.com/abakum/pageant"
-	"golang.org/x/crypto/ssh/agent"
 )
 
-// ConnectSshAgent
-func ConnectSshAgent() (ag AgentInterface) {
+func NewConn() (sock net.Conn, err error) {
 	const (
 		PIPE         = `\\.\pipe\`
 		sshAgentPipe = "openssh-ssh-agent"
 	)
-	var (
-		sock net.Conn
-		err  error
-	)
 	// Get env "SSH_AUTH_SOCK" and connect.
-	sockPath := os.Getenv("SSH_AUTH_SOCK")
-	emptySockPath := len(sockPath) == 0
+	IdentityAgent := os.Getenv("SSH_AUTH_SOCK")
+	emptySockPath := IdentityAgent == ""
 
 	if emptySockPath {
 		sock, err = pageant.NewConn()
 	}
 
 	if err != nil && !emptySockPath {
 		// `sc query afunix` for some versions of Windows
-		sock, err = net.Dial("unix", sockPath)
+		sock, err = net.Dial("unix", IdentityAgent)
 	}
 
 	if err != nil {
 		if emptySockPath {
-			sockPath = sshAgentPipe
+			IdentityAgent = sshAgentPipe
 		}
-		if !strings.HasPrefix(sockPath, PIPE) {
-			sockPath = PIPE + sockPath
+		if !strings.HasPrefix(IdentityAgent, PIPE) {
+			IdentityAgent = PIPE + IdentityAgent
 		}
-		sock, err = winio.DialPipe(sockPath, nil)
-	}
-
-	if err != nil {
-		ag = agent.NewKeyring()
-	} else {
-		// connect SSH_AUTH_SOCK
-		ag = agent.NewClient(sock)
+		sock, err = winio.DialPipe(IdentityAgent, nil)
 	}
+	return sock, err
 
-	return
 }