package netconf
import (
"errors"
"time"
"github.com/Juniper/go-netconf/netconf"
"github.com/scottdware/go-junos"
"golang.org/x/crypto/ssh"
)
// defaultTimeout is the value assigned to the SSH client configuration's
// Timeout field for every session opened by this package.
const defaultTimeout time.Duration = 15 * time.Second

// newSession is the function used to open a session from a host and an SSH
// client configuration. It is a package-level variable rather than a direct
// call, presumably so that tests can substitute a fake (confirm against the
// test files).
var newSession = junos.NewSessionWithConfig
// The types below abstract the connector and the connection to a
// NETCONF-enabled device so that code depending on them can be unit tested
// without a real device.
type (
	// connection is the subset of session operations this package relies on.
	connection interface {
		GetConfig(string, ...string) (string, error)
		Close()
	}

	// connector opens a connection to a host with the given authentication
	// settings.
	connector interface {
		NewSession(string, *junos.AuthMethod) (connection, error)
	}

	// junosConnector is the connector implementation whose NewSession method
	// is defined in this file. It carries no state.
	junosConnector struct{}
)
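// NewSession opens a session to host using public-key authentication built
// from auth.Username, auth.PrivateKey and auth.Passphrase.
//
// It returns an error when auth is nil, when no private key is set, or when
// the SSH client configuration cannot be built from the key. Otherwise it
// returns the result of newSession.
//
// SECURITY: the server host key is NOT verified (see the comment in the body).
// The device is therefore unauthenticated from the client's point of view, and
// callers should not treat data read over this session as coming from a
// verified switch.
func (junosConnector) NewSession(host string, auth *junos.AuthMethod) (connection, error) {
	// A nil auth would otherwise panic on the field access below; report it
	// as an ordinary error instead.
	if auth == nil {
		return nil, errors.New("no authentication method specified")
	}
	if len(auth.PrivateKey) == 0 {
		return nil, errors.New("no private key specified")
	}

	config, err := netconf.SSHConfigPubKeyFile(auth.Username, auth.PrivateKey, auth.Passphrase)
	if err != nil {
		return nil, err
	}
	config.Timeout = defaultTimeout

	// Every time the switch is rebooted, a new host key is generated.
	// Since we don't have any means to track host key changes at the moment,
	// and we don't know which key is the "correct" one, we do not check the
	// key here.
	//
	// NOTE(review): with verification disabled, anything able to sit on the
	// network path can present its own host key and be accepted as the
	// switch. The private key itself is not sent to the peer, but the
	// configuration returned by the session, and anything sent over it, is
	// exposed to that peer. Once host keys can be recorded (for example at
	// provisioning time or after each reboot), replace this callback with
	// ssh.FixedHostKey or a known_hosts-based callback from
	// golang.org/x/crypto/ssh/knownhosts. Until then, restrict these
	// connections to a trusted management network.
	config.HostKeyCallback = ssh.InsecureIgnoreHostKey()

	// This matches the only two key exchange algorithms we use on our
	// switches. Pinning the list means the client offers only these two.
	config.KeyExchanges = []string{
		"curve25519-sha256@libssh.org",
		"diffie-hellman-group-exchange-sha256",
	}

	return newSession(host, config)
}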