Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Nick Schuch
    @nickschuch
    hi!
    I've implemented my own proxy using your library, any idea how I would forward ssh keys for passwordless auth on the destination host?
    tgic
    @tg123
    you cannot forward ssh keys. instead, you can fill up MapPublicKey, which returns the private key for target host, in SSHPiperConfig.
    Nick Schuch
    @nickschuch
    Is that just a limitation of the sshpiper framework or impossible?
    tgic
    @tg123
    impossible. security reason (man in the mid) see https://github.com/tg123/sshpiper#publickey-sign-again
    if you dont want to know the content in the ssh connections you can just forward tcp connections
    sshpiper has to understand the content of the ssh connection because it want to findupstream by username
    Nick Schuch
    @nickschuch
    yep, I definitely want to know the connection details so I can route to a specific ssh daemon. just wanting to also authenticate against that end ssh daemon service with the users ssh key for security reasons.
    tgic
    @tg123
    well that is why I made sshpiper. you can see my authentication and key mapping code https://github.com/tg123/sshpiper/blob/master/sshpiperd/workingdir.go#L152
    Valentin Marchaud
    @vmarchaud
    Hello, just asking a little question here, i need to allow that upstream and downstream username will be different, any idea how do that ?
    Valentin Marchaud
    @vmarchaud
    miss configuration sorry
    Erik Mitchell
    @mitc0185
    hey I am just starting to evaluate sshpiper and have a question -- can it do path based negotiation? That is, if I have one username, but two different locations, can those two locations be routed to two different servers on the back end?
    sftp://me@host1/path1 would go to sftp://me@host2/path and sftp://me@host1/path2 would go to sftp://me@host2/path
    wait
    no I got it right
    no I didnt
    sftp://me@host1/path2 would go to sftp://me@host3/path
    endigma
    @endigma
    is there a way to do wildcards or substitution
    in my setup username == internal domain name
    user@box.domain.com => user.internal
    olafur
    @olafur:causa.li
    [m]
    @endigma you can indeed modify the upstream user that sshpiper will login with yes as i understand it
    Can someone confirm that sshpiper does not allow forwarding based on hostname?
    endigma
    @endigma

    Can someone confirm that sshpiper does not allow forwarding based on hostname?

    SSH does not have a host header, there is no way for it to know the requested hostname

    SSH servers only recieve the user
    (as far as discriminating data goes)
    olafur
    @olafur:causa.li
    [m]
    Thank you very much @endigma . then the github should be updated no? It claims that it can route based on "user, src ip, etc."