commenting on host key hash verification and renaming

billchurch 2017-12-12 14:43:07 -05:00
parent 783327b014
commit c6f6daeaf6
3 changed files with 7 additions and 8 deletions


@ -59,5 +59,5 @@
"server": false // not yet implemented "server": false // not yet implemented
}, },
"accesslog": false, // http style access logging to console.log "accesslog": false, // http style access logging to console.log
"verify": true "verify": false // verification of host key hashes, see hostkeyhashes.json
} }
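Review bot: The config now appears to ship with `"verify": false` (reading the right-hand copy of the line as the new side), which makes host key hash checking opt-in. A fresh install would then accept whatever host key the SSH server presents, so an interposed or substituted server between WebSSH2 and the target would go unnoticed. I would keep the default at `"verify": true` and let operators switch it off deliberately, or at least extend the comment to `// verification of host key hashes, see hostkeyhashes.json; false accepts any host key`. The enclosing object starts outside the hunk.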


@ -5,11 +5,9 @@ var debug = require('debug')
var debugWebSSH2 = require('debug')('WebSSH2') var debugWebSSH2 = require('debug')('WebSSH2')
var SSH = require('ssh2').Client var SSH = require('ssh2').Client
var fs = require('fs') var fs = require('fs')
var hostkeys = JSON.parse(fs.readFileSync('./hostkeys.json', 'utf8')) var hostkeys = JSON.parse(fs.readFileSync('./hostkeyhashes.json', 'utf8'))
var termCols, termRows var termCols, termRows
console.log(JSON.stringify(hostkeys))
// public // public
module.exports = function socket (socket) { module.exports = function socket (socket) {
// if websocket connection arrives without an express session, kill it // if websocket connection arrives without an express session, kill it
@ -121,14 +119,15 @@ module.exports = function socket (socket) {
return (verified = true) return (verified = true)
} else { } else {
err = { message: 'SSH HOST KEY HASH MISMATCH: ' + hash } err = { message: 'SSH HOST KEY HASH MISMATCH: ' + hash }
console.error('stored host key hashes: ', JSON.stringify(hostkeys)) console.error('WEBSSH2 contents of host key hashes: ', JSON.stringify(hostkeys))
console.error('reported hash from ' + socket.request.session.ssh.host + ': ', hash) console.error('WEBSSH2 reported hash from ' + socket.request.session.ssh.host + ': ', hash)
console.error(' host key hash for ' + socket.request.session.ssh.host + ': ', hostkeys[socket.request.session.ssh.host]) console.error('WEBSSH2 host key hash for ' + socket.request.session.ssh.host + ': ', hostkeys[socket.request.session.ssh.host])
SSHerror('CONN CONNECT', err) SSHerror('CONN CONNECT', err)
return (verified = false)
} }
} else { } else {
console.info('host key verification disabled. hash for host ' + socket.request.session.ssh.host + ': ', hash) console.info('host key verification disabled. hash for host ' + socket.request.session.ssh.host + ': ', hash)
return (verified = true) return (noverify = true)
} }
}, },
debug: debug('ssh2') debug: debug('ssh2')
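Review bot: In the verification-disabled branch the new `return (noverify = true)` assigns to `noverify`, which is not declared in the visible lines; unless it is declared outside the hunk this creates an implicit global shared by every socket (or throws under strict mode), and `verified` is no longer set on that path. I would declare it next to `verified`, or simply `return true` there. Separately, the mismatch branch writes the whole `hostkeys` table to stderr on every failure and concatenates `socket.request.session.ssh.host` into the log text; logging only the entry for the host in question, e.g. `console.error('WEBSSH2 host key hash mismatch for %s: expected %s, got %s', host, hostkeys[host], hash)`, would keep the record focused on the failing connection. The verifier callback starts and ends outside the hunk.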