lordwelch/breakglass
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58 Commits 1 Branch 0 Tags
Commit Graph

58 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Stapelberg
de86d50573 go.mod: update to language version go 1.18, tidy 2022-08-07 10:42:48 +02:00
Michael Stapelberg
a9de5a1ae9 gofmt with Go 1.19 2022-08-07 10:18:05 +02:00
Michael Stapelberg
1e0db24f0e GitHub Actions: bump to Go 1.19 2022-08-07 10:10:23 +02:00
Michael Stapelberg
ccc003f8ea pull in latest gokrazy/internal 
related to https://github.com/gokrazy/gokrazy/issues/131
 2022-07-09 19:26:39 +02:00
Michael Stapelberg
c857ec6218 turn banner (printed before auth) into MOTD (printed after login) 
This means the message will be printed only once when using the breakglass
command line tool (which first copies over a tarball, then logs in).

Also switch to fancy ASCII art while we’re at it :)
 2022-07-09 18:38:32 +02:00
Michael Stapelberg
c21964dfd8 breakglass: support -tls flag, use -update logic for -gokrazy_url 
fixes https://github.com/gokrazy/breakglass/issues/13
 2022-04-30 21:27:18 +02:00
Michael Stapelberg
48c5124500 unpack tar files copied via sftp subsystem, too (not just older scp) 
For compatibility with OpenSSH ≥ 9
 2022-04-17 15:32:45 +02:00
Michael Stapelberg
7dbbe9b4b3 fix subsystem invocation: send exit code afterwards 
This fixes scp(1) with OpenSSH ≥ 9.
 2022-04-17 15:23:09 +02:00
Michael Stapelberg
097a6f87d6 pull in latest github.com/pkg/sftp 2022-04-17 15:23:03 +02:00
Michael Stapelberg
ef69007a43 use renameio to avoid “text file busy” errors 
Before this commit, extracting a breakglass would fail when /tmp/breakglass*/sh
was busy because it was being run in a separate connection.
 2022-04-09 00:11:47 +02:00
Michael Stapelberg
564a0eceaf explicitly set TMPDIR 
programs such as podman will otherwise default to /var/tmp
(see https://github.com/containers/podman/pull/5412/files)

related to https://github.com/gokrazy/gokrazy/issues/124
 2022-04-03 23:05:12 +02:00
Michael Stapelberg
5a97592967 include /usr/local/bin in $PATH 
related to https://github.com/gokrazy/gokrazy/issues/124
 2022-04-03 23:05:02 +02:00
Michael Stapelberg
629a19f92d breakglass command: add -proxy flag for easier ProxyCommand usage 
Now you can use the following in your ~/.ssh/config for example:

Host scan2drive-backup
	Hostname scan2drive.lan
	IdentityFile ~/.ssh/id_ed25519_scan2drivebackup
	ProxyCommand breakglass -proxy scan2drive.lan
 2022-03-31 19:52:53 +02:00
Michael Stapelberg
087335e682 PATH: add /user so that programs installed with gokrazy are found 2022-03-31 19:36:56 +02:00
Michael Stapelberg
0a14bc7f0c set HOME=/perm/home for persistent configs in interactive usage 
As a welcome side effect, this enables persistent shell history by default!
 2022-03-31 19:36:44 +02:00
Michael Stapelberg
0ee50d0171 breakglass: read host-specific http-port.txt 2022-03-26 19:42:52 +01:00
Michael Stapelberg
7131bc5abe GitHub Actions: bump to Go 1.18 2022-03-20 16:01:31 +01:00
Christian Heusel
f41ca45656 add an optional banner to greet the user 2022-03-07 08:56:23 +01:00
Christian Heusel
ae89d9b070 Add a warning for ssh-rsa keys in authorized keys 
https://github.com/gokrazy/breakglass/issues/11
 2022-03-07 08:56:23 +01:00
Christian Heusel
0fd4350464 make the port configurable for development 2022-03-07 08:56:23 +01:00
Christian Heusel
26c3398fb8
Document that RSA keys do not work (#12) 
See issue gokrazy/breakglass#11 for further discussion
 2022-03-04 22:23:08 +01:00
Christian Heusel
63f8dd47bf
Correct minor typo (#10) 2022-03-03 08:14:22 +01:00
Michael Stapelberg
9d823f94f0 README: explicitly mention both packages 2022-01-03 11:40:57 +01:00
Michael Stapelberg
ae8e20729e README: line-wrap 2022-01-03 11:40:21 +01:00
Michael Stapelberg
77705dbe49 update README to use package config for authorized keys 
Now that the host key is created automatically, this allows using breakglass
without ever creating or modifying a permanent partition.
 2022-01-03 11:39:01 +01:00
andig
9bea6256b0
Create host key if not found (#8) 2021-12-19 18:50:16 +01:00
Michael Stapelberg
339c9ce56c GitHub Actions: trigger on all branches 2021-11-28 16:00:38 +01:00
Michael Stapelberg
83d59cddd7 recommend ed25519 host keys 
Newer OpenSSH versions seem to have problems with (some?) older ssh-rsa keys,
so I figured we could switch to ed25519 and avoid any confusion regarding
ssh-rsa support.
 2021-11-28 15:58:55 +01:00
Michael Stapelberg
21a04c8c8b pull in latest golang.org/x/crypto 2021-11-28 12:03:48 +01:00
Michael Stapelberg
d06342049c add GitHub Actions config 2021-10-24 18:19:34 +02:00
Michael Stapelberg
0c9f029ca2 upgrade to latest gokrazy/... packages 2021-10-24 18:19:06 +02:00
Michael Stapelberg
33834ea6fa allow overwriting the gokrazy URL prefix 
The special syntax :1080 means “use the default, but force port to 1080”,
which is useful when you are running the gokrazy web interface on a different
port because you need port 80 for your web appliance.
 2021-10-24 18:10:37 +02:00
Michael Stapelberg
9eab5f8b0d add -prepare and -ssh_config flags for usage in SSH ProxyCommand 
E.g.:

Host router7
	ProxyCommand /bin/sh -c 'breakglass -prepare_only -ssh_config=/dev/null -debug_tarball_pattern=$HOME/gokrazy/debug-\${GOARCH}.tar %h; /usr/bin/nc %h %p'
 2021-09-19 19:12:47 +02:00
Michael Stapelberg
b54c2f919e SSH: wire up SFTP subsystem 2021-06-06 13:54:30 +02:00
andig
1a4768ba69
Add port forwarding (-forward flag) (#7) 2021-01-18 09:46:20 +01:00
Michael Stapelberg
efff2172ee breakglass: use internal/config to read HTTP password 2020-05-27 18:38:58 +02:00
Michael Stapelberg
942ef7f559 README: update to use breakglass tool 2020-05-25 09:45:45 +02:00
Michael Stapelberg
8157f8ee60 add breakglass SSH wrapper tool (for convenience) 2020-05-25 09:31:54 +02:00
Michael Stapelberg
6a8318bdb5 pick up shell from github.com/gokrazy/serial-busybox if present 
This allows users to use breakglass without having to upload their own shell (as
a fallback).
 2020-05-25 08:58:37 +02:00
Michael Stapelberg
00ea9a7166 link to README section “installation” when keys are missing 2020-04-08 14:29:10 +02:00
Michael Stapelberg
3bc0b09635 README: ssh: any type works 2019-09-28 11:07:43 +02:00
Michael Stapelberg
f51c367b88 README: ssh: use a clearer example in the installation instructions 2019-09-28 11:07:07 +02:00
Michael Stapelberg
ae96dda1f3 declare a Go module 2019-03-21 09:37:16 +01:00
Michael Stapelberg
1cd81ed58b parse SSH keys line-wise, skip empty/comments 
fixes #3
 2019-03-21 09:36:40 +01:00
Michael Stapelberg
d3f89caa0a README: use sdx to prevent mistakes 2019-02-07 14:41:23 +01:00
Anisse Astier
9d10c020d8 ssh: fix shell payload string length (#2) 
Using ssh.Unmarshal since commit c11ed6a015a8da means the "shell" payload should be propely formatted, with a specified string length. Otherwise, when attempting to connect, you'll see this message in the gokrazy stderr:
ssh: parse error in message type 0

that's because in x/crypto/ssh, the parseString() method expects a length before the string. If length is 0, there will be remaining unparsed data, and an error.
 2018-12-28 16:20:43 +01:00
Michael Stapelberg
05fda29dea scp: don’t error out on directories in the tarball 2018-12-15 14:47:34 +01:00
Michael Stapelberg
c11ed6a015 use ssh.Unmarshal 
Thanks to Merovius for the hint.
 2018-10-29 18:42:56 +01:00
Axel Wagner
77088e03a7 Forward correct exit status to client (#1) 2018-10-25 12:49:32 +02:00
Michael Stapelberg
a1fd5f6920 ensure processes are killed when client disconnects 2018-07-22 23:04:18 +02:00