CreateAuthMethodAgent and an examples of its use

_example/example_shell_agent.go

@@ -0,0 +1,77 @@
+// Copyright (c) 2020 Blacknon. All rights reserved.
+// Use of this source code is governed by an MIT license
+// that can be found in the LICENSE file.
+
+// Shell connection Example file.
+// Change the value of the variable and compile to make sure that you can actually connect.
+//
+
+package main
+
+import (
+	"fmt"
+	"os"
+
+	sshlib "github.com/blacknon/go-sshlib"
+	"golang.org/x/crypto/ssh"
+)
+
+var (
+	// dropbear on linux
+	// host = "10.161.115.160"
+	// port = "22"
+	// user = "root"
+
+	// sshd of OpenSSH on Windows
+	// host = "10.161.115.189"
+	// port = "22"
+	// user = "user_"
+
+	// sshd of gliderlabs on Windows
+	host = "127.0.0.1"
+	port = "2222"
+	user = "user_"
+
+	termlog = "./test_termlog"
+)
+
+func main() {
+	// Create sshlib.Connect
+	con := &sshlib.Connect{
+		// If you use x11 forwarding, please uncomment next line.
+		// ForwardX11: true,
+
+		// If you use ssh-agent forwarding, uncomment next line.
+		ForwardAgent: true,
+
+		// If you use ssh-agent forwarding, and not use sshlib.CreateAuthMethodAgent(con), uncomment next line.
+		// Agent:        sshlib.ConnectSshAgent(),
+	}
+
+	// Create ssh.AuthMethods
+	authMethod, err := sshlib.CreateAuthMethodAgent(con)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// Connect ssh server
+	err = con.CreateClient(host, port, user, []ssh.AuthMethod{authMethod})
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// Set terminal log
+	// con.SetLog(termlog, false)
+
+	// Create Session
+	session, err := con.CreateSession()
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// Start ssh shell
+	con.Shell(session)
+}

_example/example_sshproxy_agent.go

@@ -0,0 +1,124 @@
+// Copyright (c) 2020 Blacknon. All rights reserved.
+// Use of this source code is governed by an MIT license
+// that can be found in the LICENSE file.
+
+// Shell connection Example file.
+// Change the value of the variable and compile to make sure that you can actually connect.
+//
+// This file has a simple ssh proxy connection.
+// Also, the authentication method is password authentication.
+// Please replace as appropriate.
+
+package main
+
+import (
+	"fmt"
+	"os"
+
+	sshlib "github.com/blacknon/go-sshlib"
+	"golang.org/x/crypto/ssh"
+)
+
+var (
+	// Proxy ssh server
+	// host1     = "proxy.com"
+	// port1     = "22"
+	// user1     = "user"
+	// password1 = "password"
+
+	// dropbear on linux
+	host1 = "10.161.115.160"
+	port1 = "22"
+	user1 = "root"
+
+	// sshd of OpenSSH on Windows
+	// host1 = "10.161.115.189"
+	// port1 = "22"
+	// user1 = "user_"
+
+	// Target ssh server
+	// host2     = "target.com"
+	// port2     = "22"
+	// user2     = "user"
+	// password2 = "password"
+
+	// dropbear on linux
+	// host2 = "10.161.115.160"
+	// port2 = "22"
+	// user2 = "root"
+
+	// sshd of OpenSSH on Windows
+	host2 = "10.161.115.189"
+	port2 = "22"
+	user2 = "user_"
+
+	termlog = "./test_termlog"
+)
+
+func main() {
+	// ==========
+	// proxy connect
+	// ==========
+
+	// Create proxy sshlib.Connect
+	proxyCon := &sshlib.Connect{
+		// If you use x11 forwarding, please uncomment next line.
+		// ForwardX11: true,
+
+		// If you use ssh-agent forwarding, uncomment next line.
+		// ForwardAgent: true,
+
+		// If you use ssh-agent forwarding, and not use sshlib.CreateAuthMethodAgent(con), uncomment next line.
+		// Agent:        sshlib.ConnectSshAgent(),
+	}
+
+	// Create proxy ssh.AuthMethod
+	proxyAuthMethod, err := sshlib.CreateAuthMethodAgent(proxyCon)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// Connect proxy server
+	err = proxyCon.CreateClient(host1, port1, user1, []ssh.AuthMethod{proxyAuthMethod})
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// ==========
+	// target connect
+	// ==========
+
+	// Create target sshlib.Connect
+	targetCon := &sshlib.Connect{
+		ProxyDialer: proxyCon.Client,
+	}
+
+	// Create target ssh.AuthMethod with proxyCon.Agent
+	targetAuthMethod, err := sshlib.CreateAuthMethodAgent(proxyCon)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// Connect target server
+	err = targetCon.CreateClient(host2, port2, user2, []ssh.AuthMethod{targetAuthMethod})
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// Set terminal log
+	// targetCon.SetLog(termlog, false)
+
+	// Create Session
+	session, err := targetCon.CreateSession()
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// Start ssh shell
+	targetCon.Shell(session)
+}

agent.go

@@ -5,32 +5,13 @@
 package sshlib
 
 import (
-	"net"
-	"os"
-
 	"golang.org/x/crypto/ssh"
 	"golang.org/x/crypto/ssh/agent"
 )
 
 // AgentInterface Interface for storing agent.Agent or agent.ExtendedAgent.
 type AgentInterface interface{}
 
-// ConnectSshAgent
-func ConnectSshAgent() (ag AgentInterface) {
-	// Get env "SSH_AUTH_SOCK" and connect.
-	sockPath := os.Getenv("SSH_AUTH_SOCK")
-	sock, err := net.Dial("unix", sockPath)
-
-	if err != nil {
-		ag = agent.NewKeyring()
-	} else {
-		// connect SSH_AUTH_SOCK
-		ag = agent.NewClient(sock)
-	}
-
-	return
-}
-
 // AddKeySshAgent is rapper agent.Add().
 // key must be a *rsa.PrivateKey, *dsa.PrivateKey or
 // *ecdsa.PrivateKey, which will be inserted into the agent.

agent_unix.go

@@ -0,0 +1,30 @@
+// Copyright (c) 2021 Blacknon. All rights reserved.
+// Use of this source code is governed by an MIT license
+// that can be found in the LICENSE file.
+//go:build !windows && !plan9 && !nacl
+// +build !windows,!plan9,!nacl
+
+package sshlib
+
+import (
+	"net"
+	"os"
+
+	"golang.org/x/crypto/ssh/agent"
+)
+
+// ConnectSshAgent
+func ConnectSshAgent() (ag AgentInterface) {
+	// Get env "SSH_AUTH_SOCK" and connect.
+	sockPath := os.Getenv("SSH_AUTH_SOCK")
+	sock, err := net.Dial("unix", sockPath)
+
+	if err != nil {
+		ag = agent.NewKeyring()
+	} else {
+		// connect SSH_AUTH_SOCK
+		ag = agent.NewClient(sock)
+	}
+
+	return
+}

agent_windows.go

@@ -0,0 +1,36 @@
+// Copyright (c) 2021 Blacknon. All rights reserved.
+// Use of this source code is governed by an MIT license
+// that can be found in the LICENSE file.
+//go:build windows
+// +build windows
+
+package sshlib
+
+import (
+	"net"
+	"os"
+
+	"github.com/davidmz/go-pageant"
+
+	"golang.org/x/crypto/ssh/agent"
+)
+
+// ConnectSshAgent
+func ConnectSshAgent() (ag AgentInterface) {
+	// Get env "SSH_AUTH_SOCK" and connect.
+	sockPath := os.Getenv("SSH_AUTH_SOCK")
+	sock, err := net.Dial("unix", sockPath)
+
+	if err != nil {
+		ag = pageant.New()
+
+		if ag == nil {
+			ag = agent.NewKeyring()
+		}
+	} else {
+		// connect SSH_AUTH_SOCK
+		ag = agent.NewClient(sock)
+	}
+
+	return
+}

auth.go

@@ -177,3 +177,18 @@ func CreateSignerAgent(sshAgent interface{}) (signers []ssh.Signer, err error) {
 
 	return
 }
+
+// CreateAuthMethodAgent returns ssh.AuthMethod from con.Agent.
+// case con.Agent is nil then ConnectSshAgent to it
+func CreateAuthMethodAgent(con *Connect) (auth ssh.AuthMethod, err error) {
+	if con.Agent == nil {
+		con.Agent = ConnectSshAgent()
+	}
+	signers, err := CreateSignerAgent(con.Agent)
+	if err != nil {
+		return
+	}
+	auth = ssh.PublicKeys(signers...)
+
+	return
+}

go.mod

@@ -15,6 +15,7 @@ require (
 
 require (
 	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
+	github.com/davidmz/go-pageant v1.0.2 // indirect
 	github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/stretchr/testify v1.7.1 // indirect

go.sum

@@ -9,6 +9,8 @@ github.com/blacknon/crypto11 v1.2.6/go.mod h1:HThRIRjHpJIJwcExGgNuPCyf26HqcFVTTA
 github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davidmz/go-pageant v1.0.2 h1:bPblRCh5jGU+Uptpz6LgMZGD5hJoOt7otgT454WvHn0=
+github.com/davidmz/go-pageant v1.0.2/go.mod h1:P2EDDnMqIwG5Rrp05dTRITj9z2zpGcD9efWSkTNKLIE=
 github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a h1:saTgr5tMLFnmy/yg3qDTft4rE5DY2uJ/cCxCe3q0XTU=
 github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a/go.mod h1:Bw9BbhOJVNR+t0jCqx2GC6zv0TGBsShs56Y3gfSCvl0=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
@@ -34,10 +36,12 @@ github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gt
 github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
 golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e h1:T8NU3HyQ8ClP4SEE+KbFlg6n0NhuTsN4MyznaarGsZM=
 golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220526153639-5463443f8c37 h1:lUkvobShwKsOesNfWWlCS5q7fnbG1MEliIzwu886fn8=
 golang.org/x/net v0.0.0-20220526153639-5463443f8c37/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
@@ -56,6 +60,7 @@ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuX
 golang.org/x/term v0.0.0-20220526004731-065cf7ba2467 h1:CBpWXWQpIRjzmkkA+M7q9Fqnwd2mZr3AFqexg8YTfoM=
 golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=