/
from_config.go
79 lines (65 loc) · 1.56 KB
/
from_config.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
package authmethods
import (
"io/ioutil"
"log"
"net"
"github.com/MOZGIII/dphx/internal/dphx/config"
"golang.org/x/crypto/ssh"
"golang.org/x/crypto/ssh/agent"
)
// FromConfig provides auth methods from config.
func FromConfig(cfg *config.SSH) ([]ssh.AuthMethod, error) {
signer, err := signerAuthMethod(cfg)
if err != nil {
return nil, err
}
return []ssh.AuthMethod{
signer,
ssh.Password(cfg.Password),
}, nil
}
func signerAuthMethod(cfg *config.SSH) (ssh.AuthMethod, error) {
signers := []ssh.Signer{}
{
if addr := cfg.AgentAddr; addr != "" {
newSigners, err := signersForAgent(addr)
if err != nil {
return nil, err
}
signers = append(signers, newSigners...)
} else {
log.Println("WARNING: SSH agent connection not configured, not using agent auth")
}
}
{
newSigners, err := signersForPublicKeyFiles(cfg.PublicKeys)
if err != nil {
return nil, err
}
signers = append(signers, newSigners...)
}
return ssh.PublicKeys(signers...), nil
}
func signersForAgent(agentAddr string) ([]ssh.Signer, error) {
sock, err := net.Dial("unix", agentAddr)
if err != nil {
return nil, err
}
agent := agent.NewClient(sock)
return agent.Signers()
}
func signersForPublicKeyFiles(publicKeys []string) ([]ssh.Signer, error) {
signers := []ssh.Signer{}
for _, path := range publicKeys {
pemBytes, err := ioutil.ReadFile(path) // nolint: gas, gosec
if err != nil {
return nil, err
}
signer, err := ssh.ParsePrivateKey(pemBytes)
if err != nil {
return nil, err
}
signers = append(signers, signer)
}
return signers, nil
}