fix(configtest,scan): support SSH config file #1388
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What did you implement:
I would like to support the case where a user tries to scan vuls with the host written in SSH Config.
Type of change
How Has This Been Tested?
ref: https://man7.org/linux/man-pages/man5/ssh_config.5.html
When user, port, and keyPath are not specified
master
It seems that user is always required.
MaineK00n/support-ssh-config
The user, port, and keypath information are all from ssh config, so they are not necessary.
Also, even if user and port are empty, they are set from the ssh settings. In this case, user = root and port = 2222.
When port, and keyPath are not specified
master
MaineK00n/support-ssh-config
When port is not specified
master
The port will always be set to the default value or 22, and it will look for known_hosts on that port.
The actual port to be used this time is 2222.
vuls/config/tomlloader.go
Lines 152 to 156 in 671be3f
MaineK00n/support-ssh-config
When keyPath is not specified
master
c.Host
does not resolve names, so it is necessary to usehostname
.https://github.com/future-architect/vuls/blob/master/scanner/serverapi.go#L378
https://github.com/future-architect/vuls/blob/master/scanner/serverapi.go#L383
MaineK00n/support-ssh-config
Checklist:
You don't have to satisfy all of the following.
make fmt
make test
Is this ready for review?: YES
Reference