Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/perbu/sshproxy

Last synced: about 2 months ago
JSON representation

Host: GitHub
URL: https://github.com/perbu/sshproxy
Owner: perbu
License: other
Created: 2022-03-23T13:17:51.000Z (almost 3 years ago)
Default Branch: main
Last Pushed: 2023-03-20T06:34:04.000Z (almost 2 years ago)
Last Synced: 2024-06-21T06:42:23.381Z (7 months ago)
Language: Go
Size: 28.3 KB
Stars: 0
Watchers: 2
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.txt

Awesome Lists containing this project

README

        # sshproxy

This is a PoC ssh proxy written in Go. It is meant as a toy

proxy to play around with and help me figure out how exactly 

the ssh protocol works.

It is meant to be as simple as possible and the only significant dependency 

is the x/crypto/ssh package. I've seen some other implementations, but these 

have been rather complex with a heavy reliance on complex closures. 

Except for the obvious lack of security (it accepts any public key)

the code should be reasonably ready to be plopped into production.

## How it works

It binds to port 4222. On a successful authentication it will 

ssh into the destination (localhost:3222) and then proxy the connection.

## docker image.

## Alternative approach to proxying

This approach includes rather protocol-intensive proxying. I'm not familiar enough 

with SSH to know whether this could be done simpler, perhaps by copying the decrypted bytes

coming from the one connection to the next.

## Notable ssh proxies in Go

Other proxies and ssh implementations to look at:

 * https://github.com/appleboy/easyssh-proxy

 * https://github.com/blacknon/go-sshlib 

 * https://github.com/tsurubee/sshr

 * https://github.com/gliderlabs/ssh 

## How to build

See the Makefile. It should contain targets for all operations you'll need. 

## What is missing?

At the moment I've not tried sftp. I don't need it, I expect it would work but it does perhaps 

need changed to sshd_config to allow the sftp subsystem to be enabled.

## Hacks and uglyness.

When the channel of requests is closed the proxyRequest function will sleep for 10ms. This is to make

sure that stdout and stderr gets copied to the client. Suggestions for how to do this 

cleanly are welcome.