Compare commits
1 Commits
main
...
bradfitz/k
| Author | SHA1 | Date |
|---|---|---|
Brad Fitzpatrick
|
493b5b9b57 |
|
|
@ -62,30 +62,28 @@ func main() {
|
||||||
Addr: *addr,
|
Addr: *addr,
|
||||||
Version: "Tailscale",
|
Version: "Tailscale",
|
||||||
Handler: handleSessionPostSSHAuth,
|
Handler: handleSessionPostSSHAuth,
|
||||||
ServerConfigCallback: func(ctx ssh.Context) *gossh.ServerConfig {
|
KeyboardInteractiveHandler: func(ctx ssh.Context, challenge gossh.KeyboardInteractiveChallenge) bool {
|
||||||
start := time.Now()
|
log.Printf("XXXX here")
|
||||||
return &gossh.ServerConfig{
|
challenge("Tailscale SSH", "\nTailscale SSH needs blah blah\nGo to:\n\n https://example.com\n\n", nil, nil)
|
||||||
NextAuthMethodCallback: func(conn gossh.ConnMetadata, prevErrors []error) []string {
|
|
||||||
return []string{"tailscale"}
|
|
||||||
},
|
|
||||||
NoClientAuth: true, // required for the NoClientAuthCallback to run
|
|
||||||
NoClientAuthCallback: func(cm gossh.ConnMetadata) (*gossh.Permissions, error) {
|
|
||||||
cm.SendAuthBanner(fmt.Sprintf("# Banner: doing none auth at %v\r\n", time.Since(start)))
|
|
||||||
|
|
||||||
totalBanners := 2
|
// ans, err := challenge("tailscale-check",
|
||||||
if cm.User() == "banners" {
|
// "instruction",
|
||||||
totalBanners = 5
|
// []string{"question1\n", "question2-noecho\n"},
|
||||||
}
|
// []bool{true, false})
|
||||||
for banner := 2; banner <= totalBanners; banner++ {
|
// if err != nil {
|
||||||
time.Sleep(time.Second)
|
// log.Printf("Error: %v", err)
|
||||||
if banner == totalBanners {
|
// return false
|
||||||
cm.SendAuthBanner(fmt.Sprintf("# Banner%d: access granted at %v\r\n", banner, time.Since(start)))
|
// }
|
||||||
} else {
|
// ok := ctx.User() == "testuser" && ans[0] == "a1" && ans[1] == "a2"
|
||||||
cm.SendAuthBanner(fmt.Sprintf("# Banner%d at %v\r\n", banner, time.Since(start)))
|
// if ok {
|
||||||
}
|
// return true
|
||||||
}
|
// }
|
||||||
return nil, nil
|
// log.Printf("failed")
|
||||||
},
|
time.Sleep(5 * time.Second)
|
||||||
|
return true
|
||||||
|
},
|
||||||
|
ServerConfigCallback: func(ctx ssh.Context) *gossh.ServerConfig {
|
||||||
|
return &gossh.ServerConfig{
|
||||||
BannerCallback: func(cm gossh.ConnMetadata) string {
|
BannerCallback: func(cm gossh.ConnMetadata) string {
|
||||||
log.Printf("Got connection from user %q, %q from %v", cm.User(), cm.ClientVersion(), cm.RemoteAddr())
|
log.Printf("Got connection from user %q, %q from %v", cm.User(), cm.ClientVersion(), cm.RemoteAddr())
|
||||||
return fmt.Sprintf("# Banner for user %q, %q\n", cm.User(), cm.ClientVersion())
|
return fmt.Sprintf("# Banner for user %q, %q\n", cm.User(), cm.ClientVersion())
|
||||||
|
|
@ -106,7 +104,7 @@ func main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleSessionPostSSHAuth(s ssh.Session) {
|
func handleSessionPostSSHAuth(s ssh.Session) {
|
||||||
log.Printf("Started session from user %q", s.User())
|
log.Printf("Started session from userxXXX %q", s.User())
|
||||||
fmt.Fprintf(s, "Hello user %q, it worked.\n", s.User())
|
fmt.Fprintf(s, "Hello user %q, it worked.\n", s.User())
|
||||||
|
|
||||||
// Abort the session on Control-C or Control-D.
|
// Abort the session on Control-C or Control-D.
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue