path: root/ssh/tailssh/tailssh.go
Age | Commit message | Author | Files | Lines

2022-09-15 | refactor: move from io/ioutil to io and os packages | Eng Zer Jun | 1 | -2/+1
The io/ioutil package has been deprecated as of Go 1.16 [1]. This commit replaces the existing io/ioutil functions with their new definitions in io and os packages.
Reference: https://golang.org/doc/go1.16#ioutil
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>

2022-09-15 | envknob: support changing envknobs post-init | Brad Fitzpatrick | 1 | -7/+6
Updates #5114
Change-Id: Ia423fc7486e1b3f3180a26308278be0086fae49b
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-08-04 | syncs, all: move to using Go's new atomic types instead of ours | Brad Fitzpatrick | 1 | -4/+4
Fixes #5185
Change-Id: I850dd532559af78c3895e2924f8237ccc328449d
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-08-02 | all: migrate more code to net/netip directly | Brad Fitzpatrick | 1 | -3/+2
Instead of going through the tailscale.com/net/netaddr transitional wrappers.
Updates #5162
Change-Id: I3dafd1c2effa1a6caa9b7151ecf6edd1a3fda3dd
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-08-02 | ssh/tailssh: fix deadlock in expandDelegateURL | Maisem Ali | 1 | -4/+2
Also rename it to expandDelegateURLLocked; previously it was trying to acquire the mutex while holding the mutex.
Fixes #5235
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-07-25 | all: convert more code to use net/netip directly | Brad Fitzpatrick | 1 | -4/+4
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
goimports -w .
Then delete some stuff from the net/netaddr shim package which is no longer needed.
Updates #5162
Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-07-25 | all: use various net/netip parse funcs directly | Brad Fitzpatrick | 1 | -1/+2
Mechanical change with perl+goimports. Changed {Must,}Parse{IP,IPPrefix,IPPort} to their netip variants, then goimports -d . Finally, removed the net/netaddr wrappers, to prevent future use.
Updates #5162
Change-Id: I59c0e38b5fbca5a935d701645789cddf3d7863ad
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-07-25 | net/netaddr: start migrating to net/netip via new netaddr adapter package | Brad Fitzpatrick | 1 | -8/+8
Updates #5162
Change-Id: Id7bdec303b25471f69d542f8ce43805328d56c12
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-07-21 | ssh/tailssh: add "ssh" to conn logs | Maisem Ali | 1 | -1/+1
Fixes #5089
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-07-21 | ssh/tailssh: handle not-authenticated-yet connections in matchRule | Maisem Ali | 1 | -13/+57
Also make more fields in conn.info thread safe; there was previously a data race here.
Fixes #5110
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-07-15 | ssh/tailssh: better handling of signals and exits | Maisem Ali | 1 | -8/+15
We were not handling errors that occurred while copying data between the subprocess and the connection. This makes it so that we pass the appropriate signals to the process and the connection. This also fixes mosh.
Updates #4919
Co-authored-by: James Tucker <raggi@tailscale.com>
Co-authored-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-06-27 | ssh/tailssh: fix logging typo | Maisem Ali | 1 | -1/+1
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-06-27 | ssh/tailssh: always use current time for policy evaluation | Maisem Ali | 1 | -9/+6
Whenever the SSH policy changes we re-evaluate all open connections to make sure they still have access. This check was using the wrong timestamp and would match against expired policies; however, this really isn't a problem today as we don't have policy that would be impacted by this check. Fixing it for future use.
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-06-27 | ssh/tailssh: allow multiple sessions on the same conn | Maisem Ali | 1 | -105/+143
Fixes #4920
Fixes tailscale/corp#5633
Updates #4479
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-06-02 | ssh/tailssh: add metrics | Brad Fitzpatrick | 1 | -2/+44
Updates #3802
Change-Id: Ic9a4b8c51cff6dfe148a1c78bc0e5074195b7f80
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-05-30 | ipn/ipnlocal: shutdown sshServer on tailscale down | Maisem Ali | 1 | -2/+2
Also lazify SSHServer initialization to allow restarting the server on a subsequent `tailscale up`.
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-05-28 | ssh/tailssh: terminate sessions on stdout copy failures | Maisem Ali | 1 | -5/+6
Currently, killing an SCP copy with a Ctrl+C leaves the session hanging even though the stdout copy goroutine fails with an io.EOF. Taking a step back, when we are unable to send any more data back to the client we should just terminate the session, as the client will stop getting any response from the server anyways.
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-05-28 | ssh/tailssh: terminate sessions when tailscaled shuts down | Maisem Ali | 1 | -8/+45
Ideally we would re-establish these sessions when tailscaled comes back up; however, we do not do that yet, so this is better than leaking the sessions.
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-05-05 | ssh/tailssh: handle Control-C during hold-and-delegate prompt | Brad Fitzpatrick | 1 | -3/+40
Fixes #4549
Change-Id: Iafc61af5e08cd03564d39cf667e940b2417714cc
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-04-29 | ssh/tailssh,ipn/ipnlocal: terminate any active sessions on `up --ssh=false` | Maisem Ali | 1 | -0/+3
Currently the ssh session isn't terminated cleanly; instead, the packets just are no longer routed to the in-proc SSH server. This makes it so that clients get a disconnection when the `RunSSH` pref changes to `false`.
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-04-21 | util/mak: move tailssh's mapSet into a new package for reuse elsewhere | Brad Fitzpatrick | 1 | -11/+4
Change-Id: Idfe95db82275fd2be6ca88f245830731a0d5aecf
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-04-21 | ssh/tailssh: various typo fixes, clarifications. | David Anderson | 1 | -8/+7
Signed-off-by: David Anderson <danderson@tailscale.com>

2022-04-21 | ssh/tailssh: simplify matchRule with Reject rules | Brad Fitzpatrick | 1 | -1/+4
Updates #3802
Change-Id: I59fe111eef5ac8abbcbcec922e293712a65a4830
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-04-21 | ssh/tailssh: chmod the auth socket to be only user accessible | Maisem Ali | 1 | -1/+5
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-04-21 | ssh/tailssh: set groups and gid in the incubated process | Maisem Ali | 1 | -4/+10
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-04-21 | tailcfg: fix typo in SessionDuration field name | Brad Fitzpatrick | 1 | -3/+3
Noted by @danderson.
Updates #3802
Change-Id: Ide15f3f28e30f6abb5c94d7dcd218bd9482752a0
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-04-21 | ssh/tailssh: add support for sftp | Maisem Ali | 1 | -22/+35
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-04-20 | ssh/tailssh: fix double SSH-2.0- prefix in greeting banner | Brad Fitzpatrick | 1 | -1/+1
gliderlabs/ssh was already adding the "SSH-2.0-" prefix.
Updates #3802
Change-Id: I19a1cd9308371a2898e7883cf26e94c9b54bab29
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-04-20 | ssh/tailssh: send banner messages during auth, move more to conn | Maisem Ali | 1 | -161/+165
(VSCode Live Share between Brad & Maisem!)
Updates #3802
Change-Id: Id8edca4481b0811debfdf56d4ccb1a46f71dd6d3
Co-Authored-By: Brad Fitzpatrick <bradfitz@tailscale.com>
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-04-20 | ssh/tailssh: support expansions in public key fetch URL too | Brad Fitzpatrick | 1 | -1/+17
Updates #3802
Change-Id: I5aa98bdab14fd1c1c00ba63b93f8d7e670f72437
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-04-20 | ssh/tailssh: terminate ssh auth early if no policy can match | Maisem Ali | 1 | -137/+207
Also bump github.com/tailscale/golang-x-crypto/ssh
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-04-20 | ipn/ipnlocal: reject tailscale up --ssh if disabled on tailnet | Brad Fitzpatrick | 1 | -2/+2
Updates #3802
Change-Id: I3f1e839391fe9b28270f506f4bb8d8e3d36716f5
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-04-18 | ssh/tailssh: make checkStillValid also consider username changes | Maisem Ali | 1 | -2/+2
Currently if the policy changes and the session is logged in with local user "u1" and the new policy says they can only login with "u2" now, the user doesn't get kicked out because they had requested `rando@<ssh-host>` and the defaulting had made that go to `u1`.
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-04-18 | ssh/tailssh: cache public keys fetched from URLs | Brad Fitzpatrick | 1 | -21/+105
Updates #3802
Change-Id: I96715bae02bce6ea19f16b1736d1bbcd7bcf3534
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-04-17 | ssh/tailssh: close sessions on policy change if no longer allowed | Brad Fitzpatrick | 1 | -26/+46
Updates #3802
Change-Id: I98503c2505b77ac9d0cc792614fcdb691761a70c
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-04-15 | ssh/tailssh: make the SSH server a singleton, register with LocalBackend | Brad Fitzpatrick | 1 | -35/+33
Remove the weird netstack -> tailssh dependency and instead have tailssh register itself with ipnlocal when linked. This makes tailssh.server a singleton, so we can have a global map of all sessions.
Updates #3802
Change-Id: Iad5caec3a26a33011796878ab66b8e7b49339f29
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-04-15 | tailcfg, ssh/tailssh: optionally support SSH public keys in wire policy | Brad Fitzpatrick | 1 | -51/+224
And clean up logging.
Updates #3802
Change-Id: I756dc2d579a16757537142283d791f1d0319f4f0
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-03-29 | go.mod, ssh/tailssh, tempfork/gliderlabs: bump x/crypto/ssh fork for NoClientAuthCallback | Brad Fitzpatrick | 1 | -0/+5
Prep for evaluating SSHPolicy earlier to decide whether certs are required, which requires knowing the target SSH user.
Updates #3802
Change-Id: I2753ec8069e7f19c9121300d0fb0813c1c627c36
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-03-26 | tempfork: temporarily fork gliderlabs/ssh and x/crypto/ssh | Brad Fitzpatrick | 1 | -1/+1
While we rearrange/upstream things.
gliderlabs/ssh is forked into tempfork from our prior fork at https://github.com/tailscale/ssh/commit/be8b7add4057ef5a8e458b42331a7633c06d026a
x/crypto/ssh OTOH is forked at https://github.com/tailscale/golang-x-crypto because it was gnarlier to vendor with various internal packages, etc. Its git history shows where it starts (2c7772ba30643b7a2026cbea938420dce7c6384d).
Updates #3802
Change-Id: I546e5cdf831cfc030a6c42557c0ad2c58766c65f
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-03-22 | ssh/tailssh, tailcfg: add more HoldAndDelegate expansions, document | Brad Fitzpatrick | 1 | -4/+7
Updates #3802
Change-Id: I447f06b49e2a917bffe36881d0634c9195085512
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-03-22 | ssh/tailssh: support placeholders in SSHAction.HoldAndDelegate URL | Brad Fitzpatrick | 1 | -27/+62
Updates #3802
Change-Id: I60f9827409d14fd4f4824d102ba11db49bf0d365
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-03-21 | tailcfg, ssh/tailssh: make SSHUser value '=' map ssh-user to same local-user | Brad Fitzpatrick | 1 | -3/+7
Updates #3802
Change-Id: Icde60d4150ca15c25d615a4effb3d3c236f020a8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-03-19 | ssh/tailssh: start of implementing optional session recording | Brad Fitzpatrick | 1 | -5/+193
To asciinema cast format.
Updates #3802
Change-Id: Ifd3ea31922cd2c99068369cb1650e21f2545b0e1
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

2022-03-14 | tailcfg: add field to allow LocalPortForwarding in SSHAction | Maisem Ali | 1 | -9/+12
Updates #3802, #4129
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-03-14 | ssh/tailssh: add support for agent forwarding. | Maisem Ali | 1 | -5/+55
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-03-14 | ssh/tailssh: add a new sshSession type to clean up existing+future code | Brad Fitzpatrick | 1 | -57/+126
Updates #3802
Change-Id: I7054dca387f5e5aee1185937ecf41b77a5a07f1a
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Co-authored-by: Maisem Ali <maisem@tailscale.com>

2022-03-12 | ssh/tailssh: start sending the server version | Maisem Ali | 1 | -0/+1
Updates #3802
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-03-12 | ssh/tailssh: handle terminal opcodes | Maisem Ali | 1 | -9/+5
Updates #3802 #4146
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-03-12 | go.mod: move from github.com/gliderlabs/ssh to github.com/tailscale/ssh | Maisem Ali | 1 | -1/+1
Updates #4146
Signed-off-by: Maisem Ali <maisem@tailscale.com>

2022-03-12 | ssh/tailssh: fix terminal corruption (temporary hack) | Brad Fitzpatrick | 1 | -1/+9
Maisem figured out the real problem, but it will take several commits (e.g. tailscale/ssh#2) in different repos to get it fixed properly. This is an interim hack.
Details of real fix: https://github.com/tailscale/tailscale/issues/4146#issuecomment-1065952947
Updates #4146
Updates #3802
Change-Id: I7b7dc5713baa3e5de75b87b69e7179a6e7549b0b
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>