From 11623f681643705d561cc9f6432298755d77906d Mon Sep 17 00:00:00 2001
From: Momtchil Momtchev
Date: Mon, 26 Nov 2018 22:32:35 +0100
Subject: [PATCH] Crude server-side private key support
---
 app/config.json | 3 ++-
 app/server/app.js | 5 ++++-
 app/server/socket.js | 9 +++++----
 app/server/util.js | 6 +++++-
 4 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/app/config.json b/app/config.json
index d069d0c..eb3f5e4 100644
--- a/app/config.json
+++ b/app/config.json
@@ -5,7 +5,8 @@
 },
 "user": {
 "name": null,
- "password": null
+ "password": null,
+ "privatekey": null
 },
 "ssh": {
 "host": null,
diff --git a/app/server/app.js b/app/server/app.js
index 26fcfff..a2881df 100644
--- a/app/server/app.js
+++ b/app/server/app.js
@@ -76,7 +76,10 @@ app.get('/ssh/host/:host?', function (req, res, next) {
 },
 readyTimeout: (validator.isInt(req.query.readyTimeout + '', { min: 1, max: 300000 }) && req.query.readyTimeout) || config.ssh.readyTimeout
- }
+ }
+ if (config.user.privatekey !== null)
+ req.session.privatekey = require('fs').readFileSync(config.user.privatekey, 'ascii')
+ if (req.session.ssh.header.name) validator.escape(req.session.ssh.header.name)
 if (req.session.ssh.header.background) validator.escape(req.session.ssh.header.background)
 })
diff --git a/app/server/socket.js b/app/server/socket.js
index 4756b7f..90f4e7d 100644
--- a/app/server/socket.js
+++ b/app/server/socket.js
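Review bot: In the app/server/app.js hunk the added `readFileSync` call sits inside the `/ssh/host/:host?` handler, so the key file is read synchronously on every request and a missing or unreadable path throws mid-request with no handling. The result is also stored in `req.session.privatekey`, which copies the server's private key into every visitor's session and into whatever session store is configured. Reading the key once at startup into a module-level value that the socket code uses directly would keep it out of session state. The `!== null` test is also true when `user.privatekey` is absent from an existing config file, so `readFileSync(undefined)` would throw; `if (config.user.privatekey)` covers both cases. The handler begins above the hunk, so how `config` is loaded there is not visible.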
@@ -114,18 +114,19 @@ module.exports = function socket (socket) {
 debugWebSSH2('conn.on(\'keyboard-interactive\')')
 finish([socket.request.session.userpassword])
 })
- if (socket.request.session.username && socket.request.session.userpassword && socket.request.session.ssh) {
- // console.log('hostkeys: ' + hostkeys[0].[0])
+ if (socket.request.session.username && (socket.request.session.userpassword || (socket.request.session.privatekey) && socket.request.session.ssh)) {
+ // console.log('hostkeys: ' + hostkeys[0].[0])
 conn.connect({
 host: socket.request.session.ssh.host,
 port: socket.request.session.ssh.port,
 username: socket.request.session.username,
 password: socket.request.session.userpassword,
- tryKeyboard: true,
+ tryKeyboard: false,
 algorithms: socket.request.session.ssh.algorithms,
 readyTimeout: socket.request.session.ssh.readyTimeout,
 keepaliveInterval: socket.request.session.ssh.keepaliveInterval,
- keepaliveCountMax: socket.request.session.ssh.keepaliveCountMax,
+ keepaliveCountMax: socket.request.session.ssh.keepaliveCountMax,
+ privateKey: socket.request.session.privatekey,
 debug: debug('ssh2')
 })
 } else {
diff --git a/app/server/util.js b/app/server/util.js
index a3ea940..d9e561e 100644
--- a/app/server/util.js
+++ b/app/server/util.js
@@ -1,6 +1,10 @@
 'use strict'
 /* jshint esversion: 6, asi: true, node: true */
 // util.js
+var path = require('path')
+var nodeRoot = path.dirname(require.main.filename)
+var configPath = path.join(nodeRoot, 'config.json')
+var config = require('read-config')(configPath)
 // private
 require('colors') // allow for color property extensions in log messages
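Review bot: The rewritten condition in app/server/socket.js groups as `username && (userpassword || (privatekey && ssh))`, so when a password is present `session.ssh` is no longer checked and `socket.request.session.ssh.host` a few lines below throws if the session has no `ssh` object. The old guarantee is kept by `if (socket.request.session.username && (socket.request.session.userpassword || socket.request.session.privatekey) && socket.request.session.ssh) {`. Separately, `tryKeyboard: false` is now unconditional, which disables keyboard-interactive for password logins too, although the `keyboard-interactive` handler is still registered just above; `tryKeyboard: !socket.request.session.privatekey` would confine the change to key logins. The enclosing function starts and ends outside the hunk.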
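Review bot: The config load added at the top of app/server/util.js resolves `config.json` from `require.main.filename`, that is, from whichever script started the process, so requiring util.js from a test runner or another entry point looks in the wrong directory, and `require.main` is undefined when there is no main module. Anchoring on the module itself avoids this, for example `var configPath = path.join(__dirname, '..', 'config.json')` (assuming the layout the diff paths suggest). A short comment such as `// config is read here only to know whether a server-side key is configured` would explain why an auth helper loads configuration.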
@@ -9,7 +13,7 @@ var Auth = require('basic-auth')
 exports.basicAuth = function basicAuth (req, res, next) {
 var myAuth = Auth(req)
- if (myAuth && myAuth.pass !== '') {
+ if (myAuth && (myAuth.pass !== '' || config.user.privatekey !== null)) {
 req.session.username = myAuth.name
 req.session.userpassword = myAuth.pass
 debug('myAuth.name: ' + myAuth.name.yellow.bold.underline +
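Review bot: Once `config.user.privatekey` is set, the new condition in `basicAuth` accepts a Basic-auth header with an empty password, so the caller supplies only a username and the SSH login is then made with the server's key (see the socket.js change in this patch). The web endpoint therefore performs no authentication of its own for any account that trusts that key. If that is intended, it should be stated next to the option and the deployment limited to a fixed username or a trusted network; otherwise a credential should still be checked before the key is used. `!== null` also passes when the option is missing from the config file, so a truthiness test, `config.user.privatekey`, is safer. The function body continues past the end of the hunk.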