| // Copyright 2011 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| package ssh |
| |
| import ( |
| "bytes" |
| "fmt" |
| "io/ioutil" |
| "log" |
| "net" |
| "net/http" |
| |
| "golang.org/x/crypto/ssh/terminal" |
| ) |
| |
| func ExampleNewServerConn() { |
| // An SSH server is represented by a ServerConfig, which holds |
| // certificate details and handles authentication of ServerConns. |
| config := &ServerConfig{ |
| PasswordCallback: func(c ConnMetadata, pass []byte) (*Permissions, error) { |
| // Should use constant-time compare (or better, salt+hash) in |
| // a production setting. |
| if c.User() == "testuser" && string(pass) == "tiger" { |
| return nil, nil |
| } |
| return nil, fmt.Errorf("password rejected for %q", c.User()) |
| }, |
| } |
| |
| privateBytes, err := ioutil.ReadFile("id_rsa") |
| if err != nil { |
| panic("Failed to load private key") |
| } |
| |
| private, err := ParsePrivateKey(privateBytes) |
| if err != nil { |
| panic("Failed to parse private key") |
| } |
| |
| config.AddHostKey(private) |
| |
| // Once a ServerConfig has been configured, connections can be |
| // accepted. |
| listener, err := net.Listen("tcp", "0.0.0.0:2022") |
| if err != nil { |
| panic("failed to listen for connection") |
| } |
| nConn, err := listener.Accept() |
| if err != nil { |
| panic("failed to accept incoming connection") |
| } |
| |
| // Before use, a handshake must be performed on the incoming |
| // net.Conn. |
| _, chans, reqs, err := NewServerConn(nConn, config) |
| if err != nil { |
| panic("failed to handshake") |
| } |
| // The incoming Request channel must be serviced. |
| go DiscardRequests(reqs) |
| |
| // Service the incoming Channel channel. |
| for newChannel := range chans { |
| // Channels have a type, depending on the application level |
| // protocol intended. In the case of a shell, the type is |
| // "session" and ServerShell may be used to present a simple |
| // terminal interface. |
| if newChannel.ChannelType() != "session" { |
| newChannel.Reject(UnknownChannelType, "unknown channel type") |
| continue |
| } |
| channel, requests, err := newChannel.Accept() |
| if err != nil { |
| panic("could not accept channel.") |
| } |
| |
| // Sessions have out-of-band requests such as "shell", |
| // "pty-req" and "env". Here we handle only the |
| // "shell" request. |
| go func(in <-chan *Request) { |
| for req := range in { |
| ok := false |
| switch req.Type { |
| case "shell": |
| ok = true |
| if len(req.Payload) > 0 { |
| // We don't accept any |
| // commands, only the |
| // default shell. |
| ok = false |
| } |
| } |
| req.Reply(ok, nil) |
| } |
| }(requests) |
| |
| term := terminal.NewTerminal(channel, "> ") |
| |
| go func() { |
| defer channel.Close() |
| for { |
| line, err := term.ReadLine() |
| if err != nil { |
| break |
| } |
| fmt.Println(line) |
| } |
| }() |
| } |
| } |
| |
| func ExampleDial() { |
| // An SSH client is represented with a ClientConn. Currently only |
| // the "password" authentication method is supported. |
| // |
| // To authenticate with the remote server you must pass at least one |
| // implementation of AuthMethod via the Auth field in ClientConfig. |
| config := &ClientConfig{ |
| User: "username", |
| Auth: []AuthMethod{ |
| Password("yourpassword"), |
| }, |
| } |
| client, err := Dial("tcp", "yourserver.com:22", config) |
| if err != nil { |
| panic("Failed to dial: " + err.Error()) |
| } |
| |
| // Each ClientConn can support multiple interactive sessions, |
| // represented by a Session. |
| session, err := client.NewSession() |
| if err != nil { |
| panic("Failed to create session: " + err.Error()) |
| } |
| defer session.Close() |
| |
| // Once a Session is created, you can execute a single command on |
| // the remote side using the Run method. |
| var b bytes.Buffer |
| session.Stdout = &b |
| if err := session.Run("/usr/bin/whoami"); err != nil { |
| panic("Failed to run: " + err.Error()) |
| } |
| fmt.Println(b.String()) |
| } |
| |
| func ExampleClient_Listen() { |
| config := &ClientConfig{ |
| User: "username", |
| Auth: []AuthMethod{ |
| Password("password"), |
| }, |
| } |
| // Dial your ssh server. |
| conn, err := Dial("tcp", "localhost:22", config) |
| if err != nil { |
| log.Fatalf("unable to connect: %s", err) |
| } |
| defer conn.Close() |
| |
| // Request the remote side to open port 8080 on all interfaces. |
| l, err := conn.Listen("tcp", "0.0.0.0:8080") |
| if err != nil { |
| log.Fatalf("unable to register tcp forward: %v", err) |
| } |
| defer l.Close() |
| |
| // Serve HTTP with your SSH server acting as a reverse proxy. |
| http.Serve(l, http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { |
| fmt.Fprintf(resp, "Hello world!\n") |
| })) |
| } |
| |
| func ExampleSession_RequestPty() { |
| // Create client config |
| config := &ClientConfig{ |
| User: "username", |
| Auth: []AuthMethod{ |
| Password("password"), |
| }, |
| } |
| // Connect to ssh server |
| conn, err := Dial("tcp", "localhost:22", config) |
| if err != nil { |
| log.Fatalf("unable to connect: %s", err) |
| } |
| defer conn.Close() |
| // Create a session |
| session, err := conn.NewSession() |
| if err != nil { |
| log.Fatalf("unable to create session: %s", err) |
| } |
| defer session.Close() |
| // Set up terminal modes |
| modes := TerminalModes{ |
| ECHO: 0, // disable echoing |
| TTY_OP_ISPEED: 14400, // input speed = 14.4kbaud |
| TTY_OP_OSPEED: 14400, // output speed = 14.4kbaud |
| } |
| // Request pseudo terminal |
| if err := session.RequestPty("xterm", 80, 40, modes); err != nil { |
| log.Fatalf("request for pseudo terminal failed: %s", err) |
| } |
| // Start remote shell |
| if err := session.Shell(); err != nil { |
| log.Fatalf("failed to start shell: %s", err) |
| } |
| } |
