{"id":15517553,"url":"https://github.com/bodgit/sshkrb5","last_synced_at":"2025-04-23T04:28:20.507Z","repository":{"id":38313159,"uuid":"325680884","full_name":"bodgit/sshkrb5","owner":"bodgit","description":"Golang library providing GSSAPI middleware for crypto/ssh","archived":false,"fork":false,"pushed_at":"2025-03-25T06:29:04.000Z","size":247,"stargazers_count":4,"open_issues_count":4,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-17T19:18:25.727Z","etag":null,"topics":["go","golang","golang-library","gssapi","kerberos","ssh","ssh-client","sspi"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bodgit.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-12-31T01:02:14.000Z","updated_at":"2024-12-14T00:37:29.000Z","dependencies_parsed_at":"2023-12-22T10:30:02.813Z","dependency_job_id":"747eafab-b78d-4221-b8b4-9dc5fd330f52","html_url":"https://github.com/bodgit/sshkrb5","commit_stats":{"total_commits":107,"total_committers":3,"mean_commits":"35.666666666666664","dds":0.3271028037383178,"last_synced_commit":"bb1f32fec9504e7a960cafa705c208a3144c3f99"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bodgit%2Fsshkrb5","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bodgit%2Fsshkrb5/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bodgit%2Fsshkrb5/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bodgit%2Fsshkrb5/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bodgit","download_url":"https://codeload.github.com/bodgit/sshkrb5/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250370054,"owners_count":21419328,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["go","golang","golang-library","gssapi","kerberos","ssh","ssh-client","sspi"],"created_at":"2024-10-02T10:13:46.047Z","updated_at":"2025-04-23T04:28:20.489Z","avatar_url":"https://github.com/bodgit.png","language":"Go","readme":"[![GitHub release](https://img.shields.io/github/v/release/bodgit/sshkrb5)](https://github.com/bodgit/sshkrb5/releases)\n[![Build Status](https://img.shields.io/github/actions/workflow/status/bodgit/sshkrb5/build.yml?branch=main)](https://github.com/bodgit/sshkrb5/actions?query=workflow%3ABuild)\n[![Coverage Status](https://coveralls.io/repos/github/bodgit/sshkrb5/badge.svg?branch=main)](https://coveralls.io/github/bodgit/sshkrb5?branch=main)\n[![Go Report Card](https://goreportcard.com/badge/github.com/bodgit/sshkrb5)](https://goreportcard.com/report/github.com/bodgit/sshkrb5)\n[![GoDoc](https://godoc.org/github.com/bodgit/sshkrb5?status.svg)](https://godoc.org/github.com/bodgit/sshkrb5)\n![Go version](https://img.shields.io/badge/Go-1.23-brightgreen.svg)\n![Go version](https://img.shields.io/badge/Go-1.22-brightgreen.svg)\n\n# GSSAPI middleware for crypto/ssh\n\nThe [github.com/bodgit/sshkrb5](https://godoc.org/github.com/bodgit/sshkrb5)\npackage implements the `GSSAPIClient` \u0026 `GSSAPIServer` interfaces in\n[golang.org/x/crypto/ssh](https://godoc.org/golang.org/x/crypto/ssh).\n\nOn non-Windows platforms GSSAPI is supported through either\n[github.com/jcmturner/gokrb5](https://github.com/jcmturner/gokrb5) or\n[github.com/openshift/gssapi](https://github.com/openshift/gssapi). On\nWindows, SSPI is supported using\n[github.com/alexbrainman/sspi](https://github.com/alexbrainman/sspi).\n\nIt has been tested successfully against OpenSSH.\n\nSample client:\n\n```golang\npackage main\n\nimport (\n\t\"net\"\n\t\"os\"\n\t\"os/user\"\n\n\t\"github.com/bodgit/sshkrb5\"\n\t\"golang.org/x/crypto/ssh\"\n)\n\nfunc main() {\n\thostname := os.Args[1]\n\n\tu, err := user.Current()\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\n\tgssapi, err := sshkrb5.NewClient()\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tdefer gssapi.Close()\n\n\tconfig := \u0026ssh.ClientConfig{\n\t\tUser: u.Username,\n\t\tAuth: []ssh.AuthMethod{\n\t\t\tssh.GSSAPIWithMICAuthMethod(gssapi, hostname),\n\t\t},\n\t\tHostKeyCallback: ssh.InsecureIgnoreHostKey(),\n\t}\n\n\tclient, err := ssh.Dial(\"tcp\", net.JoinHostPort(hostname, \"22\"), config)\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tdefer client.Close()\n\n\tsession, err := client.NewSession()\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tdefer session.Close()\n\n\tb, err := session.Output(\"whoami\")\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tos.Stdout.Write(b)\n}\n```\n\nSample server:\n\n```golang\npackage main\n\nimport (\n\t\"bytes\"\n\t\"crypto/rand\"\n\t\"crypto/rsa\"\n\t\"crypto/x509\"\n\t\"encoding/pem\"\n\t\"fmt\"\n\t\"net\"\n\n\t\"github.com/bodgit/sshkrb5\"\n\t\"golang.org/x/crypto/ssh\"\n)\n\nfunc main() {\n\tkey, err := rsa.GenerateKey(rand.Reader, 2048)\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\n\tbuf := new(bytes.Buffer)\n\tif err := pem.Encode(buf, \u0026pem.Block{Type: \"RSA PRIVATE KEY\", Bytes: x509.MarshalPKCS1PrivateKey(key)}); err != nil {\n\t\tpanic(err)\n\t}\n\n\tprivate, err := ssh.ParsePrivateKey(buf.Bytes())\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\n\tgssapi, err := sshkrb5.NewServer()\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tdefer gssapi.Close()\n\n\tconfig := \u0026ssh.ServerConfig{\n\t\tGSSAPIWithMICConfig: \u0026ssh.GSSAPIWithMICConfig{\n\t\t\tAllowLogin: func(c ssh.ConnMetadata, name string) (*ssh.Permissions, error) {\n\t\t\t\treturn nil, nil\n\t\t\t},\n\t\t\tServer: gssapi,\n\t\t},\n\t}\n\n\tconfig.AddHostKey(private)\n\n\tlistener, err := net.Listen(\"tcp\", \"0.0.0.0:22\")\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tdefer listener.Close()\n\n\tgo func() {\n\t\tfor {\n\t\t\tconn, err := listener.Accept()\n\t\t\tif err != nil {\n\t\t\t\tcontinue\n\t\t\t}\n\n\t\t\t_, chans, reqs, err := ssh.NewServerConn(conn, config)\n\t\t\tif err != nil {\n\t\t\t\tcontinue\n\t\t\t}\n\n\t\t\tgo ssh.DiscardRequests(reqs)\n\t\t\tgo handleChannels(chans)\n\t\t}\n\t}()\n}\n\nfunc handleChannels(chans \u003c-chan ssh.NewChannel) {\n\tfor newChannel := range chans {\n\t\tgo handleChannel(newChannel)\n\t}\n}\n\nfunc handleChannel(newChannel ssh.NewChannel) {\n\tif t := newChannel.ChannelType(); t != \"session\" {\n\t\t_ = newChannel.Reject(ssh.UnknownChannelType, fmt.Sprintf(\"unknown channel type: %s\", t))\n\n\t\treturn\n\t}\n\n\t_, requests, err := newChannel.Accept()\n\tif err != nil {\n\t\treturn\n\t}\n\n\tgo ssh.DiscardRequests(requests)\n}\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbodgit%2Fsshkrb5","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbodgit%2Fsshkrb5","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbodgit%2Fsshkrb5/lists"}