Skip to content

Latest commit

 

History

History
executable file
·
107 lines (92 loc) · 5.32 KB

README.md

File metadata and controls

executable file
·
107 lines (92 loc) · 5.32 KB

simple ssh manager 📟

Terminal based SSH connections manager

Allow you create multiply "inventory" host lists and connect into target host with few key motions

You can connect to target host using several "hop" options - via regular jumphost, kubernetes service (with SOCKS5 proxy), kubernetes service(with SOCKS5 proxy) + jumphost as proxy, direct connection

For using k8s service as proxy - you need to install SOCKS5 pod in your cluster and create service for it. See, for example, [dante](https://www.inet.no/dante/)

Currently it support only password-based auth (btw crypto/ssh used, BUT passwords in inventory stored as plaintext, keep in mind)

Written in Go with rivo/tview

Preview:

Example

📓 Inventory:

  • support multiply hosts groups (lists) in one inventory file
  • support separate jumphost and kubejumphost configs for each hosts group
  • inventory should be in /home/$user/inventory.json or defined in ENV SSHMANAGER_INVENTORY=/path/to/inventory.json
  • regular host, kubernetes SOCKS5 proxy service or both (kubernetes -> jumphost -> targethost) can be used as jump option

🔌 Jumphost options:

  • None - localhost -> targethost
  • Kube❯Jump - localhost -> kubernetes SOCKS5 service -> jumphost -> targethost
  • Kube - localhost -> kubernetes SOCKS5 service -> targethost
  • Jump - localhost -> jumphost -> targethost

🔧 Configuration:

🚢 Kubernetes SOCKS5 service as Jumphost:
- kubeJumpHostConfig.kubeconfigPath - path to kubeconfig file (default: ~/.kube/config)
- kubeJumpHostConfig.namespace - namespace of service
- kubeJumpHostConfig.service - name of service with SOCKS5 proxy. 

🔗 Jumphost - config:
- JumpHostConfig.username - username for jumphost
- JumpHostConfig.password - password for jumphost
- JumpHostConfig.hostname - hostname for jumphost


🚥 How-To Use:

go build -o sshmanager ./ssm
cp sshmanager /usr/local/bin/
chmod +x /usr/local/bin/sshmanager

✅ TODO - Features:

  • kubectl jumphost functional
  • kubectl+bastion jumphost functional
  • bastion(single regular host) jumphost functional
  • multiply lists support
  • use 1 inventory with two lists intead of separate inventory files
  • use crypto/ssh for connection instead of exec ssh
  • refac exec ssh commands (use ssh config file instead of command line args?)
  • ssh command builder?
  • make release?
  • make CI/Actions?
  • add binary release to CI/Actions
  • add echo "connected to $hostname" on each jumphost on the way to target host
  • add 'no strict host checking' for kube+jump option
  • cleanup binary from git history
  • wtf 50M binary, shrinked to 31MB, need to drop/replace go-client for kubernetes for more lightweight binary :(
  • reuse socks5 for multiply connections
  • add option for creating local proxy for :DistantConnect sessions?
  • additional packaging?
  • cover code with more error handling
  • add ssh key-based auth support
  • exclude "legend" information to bottom panel
  • use tmux inside of app window instead of current behavior (close app->exec ssh in default terminal)
  • add tagging at pull requests to CI/Actions
  • refac Hosts struct and optimize struct pass and use
  • proxy via kubernetes/client-go instead kubectl?
  • add kube context to inventory and kube functions
  • yaml inventory?
  • vim-like command mode for :q and :/ ?
  • encrypt inventory? fetch passwords from bitwarden?
  • make default service namespace fallback
  • make logging more cute and compact

⚠️ TO FIX:

  • "Recovered from panic: runtime error: index out of range [n] with length n" after quit app with 'q' (meanwhile, signal from ctrl+c handled correctly)
  • localPort don't closes if ssh auth error happens

⛽ Changelog:

  • 2024.02.07 refactoring connection func, change pod port-forwarding to service port-forwarding
  • 2024.02.06 huge refactoring of ssh connections (sshpass bye-bye, welcome crypto/ssh lib) and implementing SOCKS5 k8s proxy with port-forwarding
  • 2024.01.28 v0.1.12 add minor improvments (as print connstring), refactoring, ssh args structure, binary size optimization, and so on.
  • 2023.10.29 add binary release to CI/Actions
  • 2023.10.23 fix bug with selecting host for connect (affect lists that different from first list)
  • 2023.10.22: added nested (kubernetes->jumphost) jump option, add regular jumphost option, back to single-list draw with ability to switch between lists, allow multiply lists in one inventory file, add separate jump configs per host, and so on (minor changes)
  • 2023.10.21: added kubernetes jumphost support and modal dialog for jump options, fixed minor bugs

🏁 Releases:

  • v0.1.12 - minor fixes & improvments
  • v0.1.11 - init version