lordwelch/breakglass
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
92 Commits 3 Branches 0 Tags
keysize
Commit Graph

92 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
timmy 8f5bdaed8a Fix hostkey being too short
Push / CI (push) Has been cancelled
Details 
Modern versions of ssh refuse to connect to a server with a rsa key that
  is less than 2048 and this may change to 3072 or 4096 in the future.
  ed25519 cannot change keysize
 2025-12-28 13:12:09 -08:00
Michael Stapelberg 3d571d9ebb cmd/breakglass: fallback to HTTP instead of detecting stripping 
This follows gokrazy/tools commit
https://github.com/gokrazy/tools/commit/ba6a8936f4a88ddcf20a3b8f625e323e65664aa6
 2025-12-09 17:22:34 +01:00
Michael Stapelberg e8f40f784b cmd/breakglass: use updateflag.Value, add own -insecure flag 
related to https://github.com/gokrazy/tools/pull/68
 2025-12-05 17:50:59 +01:00
Michael Stapelberg e4167a5b08 cmd/breakglass: remove old -gokrazy_url and -tls flags 
These have been deprecated for years.
All users should have switched to the instance-centric config by now.

related to https://github.com/gokrazy/tools/pull/68
 2025-12-05 17:34:49 +01:00
dependabot[bot] 596b54e033 Bump golang.org/x/crypto from 0.35.0 to 0.45.0 (#26) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.35.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.35.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-20 07:37:04 +01:00
Mark Drayton 02513c1dab README: fix -debug_tarball_pattern name mismatch (#25) 2025-08-24 09:03:20 +02:00
dependabot[bot] ac3ee429ce Bump golang.org/x/oauth2 from 0.23.0 to 0.27.0 (#24) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.23.0 to 0.27.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.23.0...v0.27.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.27.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-19 10:26:34 +02:00
dependabot[bot] c0fb5a7864 Bump golang.org/x/crypto from 0.33.0 to 0.35.0 (#23) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.33.0 to 0.35.0.
- [Commits](https://github.com/golang/crypto/compare/v0.33.0...v0.35.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.35.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-15 08:47:08 +02:00
Michael Stapelberg adb5ce3ea1 use gokapi package to query build timestamp 2025-02-22 08:12:43 +01:00
Michael Stapelberg 62e5a663a8 GitHub Actions: update to latest versions of actions 2025-02-22 07:23:07 +01:00
Tim H 8965ef43ba Get buildTimestamp via a request to Unix socket (#22) 
Fixes https://github.com/gokrazy/breakglass/issues/21
 2025-02-22 07:20:22 +01:00
Michael Stapelberg 5f675f1989 pull in latest gokrazy package 2025-02-22 07:18:42 +01:00
Michael Stapelberg a233c4f4d4 go.mod: bump language version to 1.24 2025-02-22 07:18:24 +01:00
Michael Stapelberg 86e60e7477 update to latest gokrazy/internal 
related to https://github.com/gokrazy/gokrazy/issues/191
 2025-01-26 22:46:35 +01:00
Michael Stapelberg c9528b4abb try to install busybox into a tmpfs /bin (with fallback) 
This code path requires gokrazy/tools at this commit or newer:
https://github.com/gokrazy/tools/commit/37e2f95c5cfc58554405cc615c5da8e4899b071a

And gokrazy/serial-breakglass at this commit or newer:
https://github.com/gokrazy/serial-busybox/commit/bf9bc192356e3762c3d4e99c037d0e868d50d313

Afterwards, with an ~/.ssh/config entry like this:

    Host scan2drive
        ProxyCommand breakglass -proxy %h

…using Emacs TRAMP should just work:

    emacs /ssh:scan2drive:/perm/keep/index.md
 2024-12-31 09:53:25 +01:00
dependabot[bot] 6c59aaaf28 Bump golang.org/x/crypto from 0.17.0 to 0.31.0 (#20) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.17.0 to 0.31.0.
- [Commits](https://github.com/golang/crypto/compare/v0.17.0...v0.31.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-12 08:22:41 +01:00
Michael Stapelberg 0327ae332c breakglass: enable -enable_banner by default 
The banner is useful and recognizeable.
I think it should be turned on by default.
 2024-06-09 22:11:23 +02:00
Brad Fitzpatrick 09eeab3321 Support getting public keys from AWS EC2 metadata (#18) 
Updates gokrazy/gokrazy#265

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2024-06-04 19:01:21 +02:00
Michael Stapelberg 44b3fe64f1 remove ssh-rsa warning 
bradfitz confirmed ssh-rsa keys work again.

fixes https://github.com/gokrazy/breakglass/issues/11
 2024-05-29 19:59:05 +02:00
dependabot[bot] eacd5a447e Bump golang.org/x/crypto from 0.6.0 to 0.17.0 (#17) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.6.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 08:51:47 +01:00
Michael Stapelberg e771a5894b pull in latest gokrazy/gokrazy for ifaddr change 2023-08-12 11:30:49 +02:00
Michael Stapelberg 158f63b4af go get -u 2023-02-25 16:20:58 +01:00
dependabot[bot] c70a6e787c Bump golang.org/x/crypto from 0.0.0-20211215153901-e495a2d5b3d3 to 0.1.0 (#16) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.0.0-20211215153901-e495a2d5b3d3 to 0.1.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/commits/v0.1.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-25 16:19:12 +01:00
dependabot[bot] cf2a123ac3 Bump golang.org/x/sys from 0.0.0-20211216021012-1d35b9e2eb4e to 0.1.0 (#15) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.0.0-20211216021012-1d35b9e2eb4e to 0.1.0.
- [Release notes](https://github.com/golang/sys/releases)
- [Commits](https://github.com/golang/sys/commits/v0.1.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-25 16:17:59 +01:00
Michael Stapelberg 3d152bbe1b use config.NewStruct() 
related to https://github.com/gokrazy/tools/issues/43
 2023-01-17 19:06:35 +01:00
Michael Stapelberg 12997053e4 fix: ensure config.Struct.Update is set in compatibility branch 2023-01-16 18:03:30 +01:00
Michael Stapelberg d90cafaa81 breakglass: leave a TODO for removing -tls and -gokrazy_url 
both are obsolete thanks to breakglass reading the instance config
 2023-01-15 17:28:26 +01:00
Michael Stapelberg 503c6819b2 breakglass: use httpclient.For() for host-specific fallback 2023-01-15 17:06:07 +01:00
Michael Stapelberg 1b4a9122b5 instance config: fix fallback to host-specific config 2023-01-15 13:46:02 +01:00
Michael Stapelberg 994987ee06 breakglass: read instance config 2023-01-15 13:36:50 +01:00
Michael Stapelberg d886921190 pull in latest github.com/gokrazy/internal 2023-01-15 13:36:42 +01:00
Michael Stapelberg 95ac9a06f8 README: update gokrazy instructions 2023-01-14 10:28:44 +01:00
Michael Stapelberg 2c1eed342d banner: build timestamp: read port from http-port.txt 
This fixes the banner on devices that use a non-standard HTTP port
 2022-11-08 21:51:53 +01:00
Michael Stapelberg 3d820b07fa ensure $HOME directory exists 2022-09-18 21:18:12 +02:00
Michael Stapelberg de86d50573 go.mod: update to language version go 1.18, tidy 2022-08-07 10:42:48 +02:00
Michael Stapelberg a9de5a1ae9 gofmt with Go 1.19 2022-08-07 10:18:05 +02:00
Michael Stapelberg 1e0db24f0e GitHub Actions: bump to Go 1.19 2022-08-07 10:10:23 +02:00
Michael Stapelberg ccc003f8ea pull in latest gokrazy/internal 
related to https://github.com/gokrazy/gokrazy/issues/131
 2022-07-09 19:26:39 +02:00
Michael Stapelberg c857ec6218 turn banner (printed before auth) into MOTD (printed after login) 
This means the message will be printed only once when using the breakglass
command line tool (which first copies over a tarball, then logs in).

Also switch to fancy ASCII art while we’re at it :)
 2022-07-09 18:38:32 +02:00
Michael Stapelberg c21964dfd8 breakglass: support -tls flag, use -update logic for -gokrazy_url 
fixes https://github.com/gokrazy/breakglass/issues/13
 2022-04-30 21:27:18 +02:00
Michael Stapelberg 48c5124500 unpack tar files copied via sftp subsystem, too (not just older scp) 
For compatibility with OpenSSH ≥ 9
 2022-04-17 15:32:45 +02:00
Michael Stapelberg 7dbbe9b4b3 fix subsystem invocation: send exit code afterwards 
This fixes scp(1) with OpenSSH ≥ 9.
 2022-04-17 15:23:09 +02:00
Michael Stapelberg 097a6f87d6 pull in latest github.com/pkg/sftp 2022-04-17 15:23:03 +02:00
Michael Stapelberg ef69007a43 use renameio to avoid “text file busy” errors 
Before this commit, extracting a breakglass would fail when /tmp/breakglass*/sh
was busy because it was being run in a separate connection.
 2022-04-09 00:11:47 +02:00
Michael Stapelberg 564a0eceaf explicitly set TMPDIR 
programs such as podman will otherwise default to /var/tmp
(see https://github.com/containers/podman/pull/5412/files)

related to https://github.com/gokrazy/gokrazy/issues/124
 2022-04-03 23:05:12 +02:00
Michael Stapelberg 5a97592967 include /usr/local/bin in $PATH 
related to https://github.com/gokrazy/gokrazy/issues/124
 2022-04-03 23:05:02 +02:00
Michael Stapelberg 629a19f92d breakglass command: add -proxy flag for easier ProxyCommand usage 
Now you can use the following in your ~/.ssh/config for example:

Host scan2drive-backup
	Hostname scan2drive.lan
	IdentityFile ~/.ssh/id_ed25519_scan2drivebackup
	ProxyCommand breakglass -proxy scan2drive.lan
 2022-03-31 19:52:53 +02:00
Michael Stapelberg 087335e682 PATH: add /user so that programs installed with gokrazy are found 2022-03-31 19:36:56 +02:00
Michael Stapelberg 0a14bc7f0c set HOME=/perm/home for persistent configs in interactive usage 
As a welcome side effect, this enables persistent shell history by default!
 2022-03-31 19:36:44 +02:00
Michael Stapelberg 0ee50d0171 breakglass: read host-specific http-port.txt 2022-03-26 19:42:52 +01:00