621ae1b0d3
* move loading whitelist+ops from file to auth and save the loaded files fro reloading * add /whitelist command with lots of open questions * add test for /whitelist * gofmt * use the same auth (the tests don't seem to care, but htis is more right) * mutex whitelistMode and remove some deferred TODOs * s/whitelist/allowlist/ (user-facing); move helper functions outside the handler function * check for ops in Auth.CheckPublicKey and move /allowlist handling to helper functions * possibly fix the test timeout in HostNameCollision * Revert "possibly fix the test timeout in HostNameCollision" (didn't work) This reverts commit 664dbb0976f8f10ea7a673950a879591c2e7c320. * managed to reproduce the timeout after updating, hopefully it's the same one * remove some unimportant TODOs; add a message when reverify kicks people; add a reverify test * add client connection with key; add test for /allowlist import AGE * hopefully make test less racy * s/whitelist/allowlist/ * fix crash on specifying exactly one more -v flag than the max level * use a key loader function to move file reading out of auth * add loader to allowlist test * minor message changes * add --whitelist with a warning; update tests for messages * apparently, we have another prefix * check names directly on the User objects in TestHostNameCollision * not allowlisted -> not allowed * small message change * update test
ssh-chat
Custom SSH server written in Go. Instead of a shell, you get a chat prompt.
Demo
Join the party:
$ ssh ssh.chat
Please abide by our project's Code of Conduct while participating in chat.
The host's public key is ssh.chat ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKPrQofxXqoz2y9A7NFkkENt6iW8/mvpfes3RY/41Oyt and the fingerprint is SHA256:yoqMXkCysMTBsvhu2yRoMUl+EmZKlvkN+ZKmL3115xU (as of 2021-10-13).
If you see something different, you might be MITM'd.
(Apologies if the server is down, try again shortly.)
Downloading a release
Recent releases include builds for MacOS (darwin/amd64) and Linux (386, amd64, and ARM6 for your RaspberryPi).
Grab the latest binary release here.
Play around with it. Additional deploy examples are here.
Compiling / Developing
Most people just want the latest binary release. If you're sure you want to compile it from source, read on:
You can compile ssh-chat by using make build. The resulting binary is portable and
can be run on any system with a similar OS and CPU arch. Go 1.8 or higher is required to compile.
If you're developing on this repo, there is a handy Makefile that should set
things up with make run.
Additionally, make debug runs the server with an http pprof server. This allows you to open
http://localhost:6060/debug/pprof/ and view profiling data. See
net/http/pprof for more information about pprof.
Quick Start
Usage:
ssh-chat [OPTIONS]
Application Options:
-v, --verbose Show verbose logging.
--version Print version and exit.
-i, --identity= Private key to identify server with. (default: ~/.ssh/id_rsa)
--bind= Host and port to listen on. (default: 0.0.0.0:2022)
--admin= File of public keys who are admins.
--whitelist= Optional file of public keys who are allowed to connect.
--motd= Optional Message of the Day file.
--log= Write chat log to this file.
--pprof= Enable pprof http server for profiling.
Help Options:
-h, --help Show this help message
After doing go get github.com/shazow/ssh-chat/... on this repo, you should be able
to run a command like:
$ ssh-chat --verbose --bind ":22" --identity ~/.ssh/id_dsa
To bind on port 22, you'll need to make sure it's free (move any other ssh daemons to another port) and run ssh-chat as root (or with sudo).
Frequently Asked Questions
The FAQs can be found on the project's Wiki page. Feel free to submit more questions to be answered and added to the page.
License
MIT