Adding SSH Key based access

yukirii · Mar 13, 2018 · 25d4127 · 25d4127
1 parent 3a2c8e7
commit 25d4127
Show file tree

Hide file tree

Showing 2 changed files with 49 additions and 5 deletions.
diff --git a/ssh.go b/ssh.go
@@ -3,8 +3,7 @@ package tmsh
 import (
 	"bytes"
 	"io"
-
-	"golang.org/x/crypto/ssh"
+    "golang.org/x/crypto/ssh"
 )
 
 type SSH interface {
@@ -32,8 +31,14 @@ func (ki keyboardInteractive) Challenge(user, instruction string, questions []st
 	return answers, nil
 }
 
-func newSSHConnection(addr, user, password string) (SSH, error) {
-	session, err := newSSHSession(addr, user, password)
+func newSSHConnection(addr, user, password string, key []byte) (SSH, error) {
+	var session *ssh.Session
+        var err error 
+        if len(password) > 0 {
+                session, err = newSSHSession(addr, user, password)
+        } else {
+                session, err = newSSHKeySession(addr, user, key)
+        } 
 	if err != nil {
 		return nil, err
 	}
@@ -107,6 +112,34 @@ func newSSHSession(addr, user, password string) (*ssh.Session, error) {
 	return session, nil
 }
 
+func newSSHKeySession(addr, user string, key []byte) (*ssh.Session, error) { 
+
+        signer, err := ssh.ParsePrivateKey(key)
+        if err != nil {
+                return nil, err
+        }
+
+        config := &ssh.ClientConfig{
+                User: user,
+                Auth: []ssh.AuthMethod {
+                       ssh.PublicKeys(signer),
+                },
+                HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+        }
+
+        conn, err := ssh.Dial("tcp", addr, config)
+        if err != nil {
+                return nil, err
+        }
+
+        session, err := conn.NewSession()
+        if err != nil {
+                return nil, err
+        }
+
+        return session, nil
+}
+
 func (conn *sshConn) Send(cmd string) (int, error) {
 	return conn.stdin.Write([]byte(cmd + "\n"))
 }

diff --git a/tmsh.go b/tmsh.go
@@ -14,9 +14,20 @@ type BigIP struct {
 	sshconn SSH
 }
 
+// NewKeySession is NewSession plus key handling
+func NewKeySession(host, port, user string, key []byte) (*BigIP, error) {
+       return NewSession(host, port, user, "", key)
+}
+
 // NewSession sets up new SSH session to BIG-IP TMSH
 func NewSession(host, port, user, password string) (*BigIP, error) {
-	sshconn, err := newSSHConnection(host+":"+port, user, password)
+	return GenSession(host,post,user,password,[]byte{})
+}
+
+// GenSession handles either Password or SSH Key based..
+func GenSession(host, port, user, password string, key []byte) (*BigIP, error) {
+    sshconn, err := newSSHConnection(host+":"+port, user, password, key)
+
 	if err != nil {
 		return nil, err
 	}