forked from gravitational/teleport
-
Notifications
You must be signed in to change notification settings - Fork 0
/
constants.go
134 lines (99 loc) · 4.02 KB
/
constants.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
package teleport
import (
"time"
)
// WebAPIVersion is a current webapi version
const WebAPIVersion = "v1"
// ForeverTTL means that object TTL will not expire unless deleted
const ForeverTTL time.Duration = 0
const (
// SSHAuthSock is the environment variable pointing to the
// Unix socket the SSH agent is running on.
SSHAuthSock = "SSH_AUTH_SOCK"
// SSHAgentPID is the environment variable pointing to the agent
// process ID
SSHAgentPID = "SSH_AGENT_PID"
// SSHTeleportUser is the current Teleport user that is logged in.
SSHTeleportUser = "SSH_TELEPORT_USER"
// SSHSessionWebproxyAddr is the address the web proxy.
SSHSessionWebproxyAddr = "SSH_SESSION_WEBPROXY_ADDR"
// SSHTeleportClusterName is the name of the cluster this node belongs to.
SSHTeleportClusterName = "SSH_TELEPORT_CLUSTER_NAME"
// SSHTeleportHostUUID is the UUID of the host.
SSHTeleportHostUUID = "SSH_TELEPORT_HOST_UUID"
// SSHSessionID is the UUID of the current session.
SSHSessionID = "SSH_SESSION_ID"
)
const (
// TOTPValidityPeriod is the number of seconds a TOTP token is valid.
TOTPValidityPeriod uint = 30
// TOTPSkew adds that many periods before and after to the validity window.
TOTPSkew uint = 1
)
const (
// Component indicates a component of teleport, used for logging
Component = "component"
// ComponentFields stores component-specific fields
ComponentFields = "fields"
// ComponentReverseTunnel is reverse tunnel agent and server
// that together establish a bi-directional SSH revers tunnel
// to bypass firewall restrictions
ComponentReverseTunnel = "reversetunnel"
// ComponentAuth is the cluster CA node (auth server API)
ComponentAuth = "auth"
// ComponentNode is SSH node (SSH server serving requests)
ComponentNode = "node"
// ComponentProxy is SSH proxy (SSH server forwarding connections)
ComponentProxy = "proxy"
// ComponentTunClient is a tunnel client
ComponentTunClient = "tunclient"
// DebugEnvVar tells tests to use verbose debug output
DebugEnvVar = "DEBUG"
// VerboseLogEnvVar forces all logs to be verbose (down to DEBUG level)
VerboseLogsEnvVar = "TELEPORT_DEBUG"
// DefaultTerminalWidth defines the default width of a server-side allocated
// pseudo TTY
DefaultTerminalWidth = 80
// DefaultTerminalHeight defines the default height of a server-side allocated
// pseudo TTY
DefaultTerminalHeight = 25
// SafeTerminalType is the fall-back TTY type to fall back to (when $TERM
// is not defined)
SafeTerminalType = "xterm"
// ConnectorOIDC means connector type OIDC
ConnectorOIDC = "oidc"
// DataDirParameterName is the name of the data dir configuration parameter passed
// to all backends during initialization
DataDirParameterName = "data_dir"
// SSH request type to keep the connection alive. A client and a server keep
// pining each other with it:
KeepAliveReqType = "keepalive@openssh.com"
// OTP means One-time Password Algorithm for Two-Factor Authentication.
OTP = "otp"
// TOTP means Time-based One-time Password Algorithm. for Two-Factor Authentication.
TOTP = "totp"
// HOTP means HMAC-based One-time Password Algorithm.for Two-Factor Authentication.
HOTP = "hotp"
// U2F means Universal 2nd Factor.for Two-Factor Authentication.
U2F = "u2f"
// OFF means no second factor.for Two-Factor Authentication.
OFF = "off"
// Local means authentication will happen locally within the Teleport cluster.
Local = "local"
// OIDC means authentication will happen remotly using an OIDC connector.
OIDC = "oidc"
)
const (
// AuthorizedKeys are public keys that check against User CAs.
AuthorizedKeys = "authorized_keys"
// KnownHosts are public keys that check against Host CAs.
KnownHosts = "known_hosts"
)
const (
// CertExtensionPermitAgentForwarding allows agent forwarding for certificate
CertExtensionPermitAgentForwarding = "permit-agent-forwarding"
// CertExtensionPermitPTY allows user to request PTY
CertExtensionPermitPTY = "permit-pty"
// CertExtensionPermitPortForwarding allows user to request port forwarding
CertExtensionPermitPortForwarding = "permit-port-forwarding"
)