From 629a19f92df2737d2b673f20b64d89a8338e4a8a Mon Sep 17 00:00:00 2001
From: Michael Stapelberg <michael@stapelberg.de>
Date: Thu, 31 Mar 2022 19:52:53 +0200
Subject: [PATCH] breakglass command: add -proxy flag for easier ProxyCommand
 usage

Now you can use the following in your ~/.ssh/config for example:

Host scan2drive-backup
	Hostname scan2drive.lan
	IdentityFile ~/.ssh/id_ed25519_scan2drivebackup
	ProxyCommand breakglass -proxy scan2drive.lan
---
 cmd/breakglass/breakglass.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/cmd/breakglass/breakglass.go b/cmd/breakglass/breakglass.go
index 50f1682..f1e7f81 100644
--- a/cmd/breakglass/breakglass.go
+++ b/cmd/breakglass/breakglass.go
@@ -186,6 +186,11 @@ func breakglass() error {
 			false,
 			"prepare the SSH connection only, but do not execute SSH (useful for using breakglass within an SSH ProxyCommand)")
 
+		proxy = flag.Bool(
+			"proxy",
+			false,
+			"prepare the SSH connection, then connect stdin/stdout to the SSH port (useful for using breakglass within an SSH ProxyCommand)")
+
 		sshConfig = flag.String(
 			"ssh_config",
 			"",
@@ -244,6 +249,17 @@ func breakglass() error {
 		return err
 	}
 
+	if *proxy {
+		log.Printf("proxying SSH traffic (-proxy flag)")
+		nc := exec.Command("nc", hostname, "22")
+		nc.Stdout = os.Stdout
+		nc.Stdin = os.Stdin
+		if err := nc.Run(); err != nil {
+			return fmt.Errorf("%v: %v", nc.Args, err)
+		}
+		return nil
+	}
+
 	if *prepare {
 		return nil
 	}