Goph v2
Goph v2 brings Functional options API, context-aware commands, SOCKS5 proxy, jump hosts, lazy agent sockets, and many more features.
Breaking Changes
-
Removed
goph.Authtype andgoph.Configstruct.- Replaced by functional options passed directly to
goph.New.
- Replaced by functional options passed directly to
-
Removed constructors:
NewUnknown,NewConn.- Use
goph.New(user, addr, opts...)withWithInsecureIgnoreHostKey()where needed.
- Use
-
Removed auth constructor functions:
goph.Password(),goph.Key(),goph.UseAgent().- Replaced by
WithPassword,WithKeyFile,WithDefaultAgent,WithAgentSocketetc.
- Replaced by
-
Client.Configfield removed.*ssh.ClientConfigis now ephemeral: built inNew, passed to options and dial helpers, then discarded. It is no longer stored on the connectedClient.
-
Renamed key auth options:
WithKey(file, passphrase)=>WithKeyFile(file, passphrase)WithRawKey(pem, passphrase)=>WithKey(pem, passphrase)
-
Renamed key parsing helpers:
GetSigner(file, passphrase)=>ParseKeyFile(file, passphrase)GetSignerForRawKey(key, passphrase)=>ParseKey(key, passphrase)
New Features
-
Functional options API.
WithPassword,WithKeyFile,WithKey,WithAgent,WithAgentSocket,WithDefaultAgent,WithSigner,WithAuthWithPort,WithTimeout,WithKnownHosts,WithInsecureIgnoreHostKey,WithHostKeyCallback,WithBannerCallback,WithConfigWithProxy,WithJump
-
Dialerfor reusable connections.d := goph.NewDialer(opts...)thend.New(user, addr)for multiple hosts with shared defaults.
-
SOCKS5 proxy authentication.
WithProxycan accepts URLs with embedded credentials:socks5://user:pass@host:port.
-
Context-aware command cancellation.
RunContextandCommandContextacceptcontext.Context.- Cancellation sends
ssh.SIGINTto the remote session.
-
goph.Dial.goph.Dial(c *Client, config *ssh.ClientConfig) errorfor manualClientconstruction and customssh.ClientConfig.Clientnow storesUser;Dialdefaultsconfig.UsertoClient.Useror the current OS user when empty.- Direct TCP dials now respect
config.Timeout.
-
Security fixes.
WithPasswordno longer includes a keyboard-interactive fallback. Added standaloneWithKeyboardInteractive(handler)that gives callers full control over each server prompt (password, OTP, 2FA, etc.).Cmd.Stringwarning now clearly states thatPathandArgsare not shell-escaped and that callers must sanitize untrusted input.
-
Known-hosts helpers.
KnownHostsnow documents that the file must exist.- New
EnsureKnownHostscreates the file (and parent directory) if missing. DefaultKnownHostsusesEnsureKnownHostsso first-time users no longer hit a file-read error when~/.ssh/known_hostsis absent.
Pull Request by @melbahja in #78
Full Changelog v1.5.0...v2.0.1