breakglass command: add -proxy flag for easier ProxyCommand usage

Now you can use the following in your ~/.ssh/config for example: Host scan2drive-backup Hostname scan2drive.lan IdentityFile ~/.ssh/id_ed25519_scan2drivebackup ProxyCommand breakglass -proxy scan2drive.lan
2022-03-31 19:52:53 +02:00 · 2022-03-31 19:52:53 +02:00 · 629a19f92d
commit 629a19f92d
parent 087335e682
1 changed files with 16 additions and 0 deletions
--- a/cmd/breakglass/breakglass.go
+++ b/cmd/breakglass/breakglass.go
@ -186,6 +186,11 @@ func breakglass() error {
 			false,
 			"prepare the SSH connection only, but do not execute SSH (useful for using breakglass within an SSH ProxyCommand)")

+		proxy = flag.Bool(
+			"proxy",
+			false,
+			"prepare the SSH connection, then connect stdin/stdout to the SSH port (useful for using breakglass within an SSH ProxyCommand)")
+
 		sshConfig = flag.String(
 			"ssh_config",
 			"",
@ -244,6 +249,17 @@ func breakglass() error {
 		return err
 	}

+	if *proxy {
+		log.Printf("proxying SSH traffic (-proxy flag)")
+		nc := exec.Command("nc", hostname, "22")
+		nc.Stdout = os.Stdout
+		nc.Stdin = os.Stdin
+		if err := nc.Run(); err != nil {
+			return fmt.Errorf("%v: %v", nc.Args, err)
+		}
+		return nil
+	}
+
 	if *prepare {
 		return nil
 	}