Utility to ease the creation of SSH based applications in go
- See this Demo ( app.go ) of sshgate which accept git push/pull operations
- Authenticate users from database
- Route push/pull to the right back-end (our primary use case)
- Single entry point for your cluster of servers
- ...
The idea is to create an authentication function that will receive the user creadentials and return if the connection is allowed and an object that implement one of sshgate interfaces.
type Authenticate func(c sshgate.Connection, user, algo string, pubkey []byte) (bool, sshgate.App)
The Demo implement sshgate.Executable
to allow the clients to execute git-upload-pack and git-receive-pack.
- First, sshgate query the app to check if the execution should be allowed with Executable.CanExec
- If the response is yes, the command is executed by Executable.Exec
- Add support for password based authentication
- Add more interfaces to expose more features of SSH
In GO, SSH is a first class citizen with support for the protocol from go.crypto/ssh, but a lot of features are not exposed in the server API.
For example, the package doesn't allow to send program's exit code to the client and this makes git complain that The remote end hung up unexpectedly
...
There is an issue about that opened at the same time I was working on the project.
Furthermore if the server hasn't read all the data before io.EOF is received, ssh won't let us read the data. I've opened an issue about that.
Please star those issues :)
For the meantime, sshgate use my fork of go.crypto/ssh