summaryrefslogtreecommitdiffhomepage
path: root/ssh/tailssh
AgeCommit message (Collapse)AuthorFilesLines
2022-03-19ssh/tailssh: start of implementing optional session recordingBrad Fitzpatrick1-5/+193
To asciinema cast format. Updates #3802 Change-Id: Ifd3ea31922cd2c99068369cb1650e21f2545b0e1 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-18all: use cibuild.OnJosh Bleecher Snyder1-6/+3
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-03-18ssh/tailssh_test: skip TestSSH/stdin in CIMaisem Ali1-0/+5
Updates #4051 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-17ssh/tailssh_test: Skip the env test in CIMaisem Ali1-3/+5
Updates #4051 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-17all: use any instead of interface{}Josh Bleecher Snyder2-4/+4
My favorite part of generics. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2022-03-14tailcfg: add field to allow LocalPortForwarding in SSHActionMaisem Ali1-9/+12
Updates #3802, #4129 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-14ssh/tailssh: add support for agent forwarding.Maisem Ali2-5/+59
Updates #3802 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-14ssh/tailssh: add a new sshSession type to clean up existing+future codeBrad Fitzpatrick3-89/+188
Updates #3802 Change-Id: I7054dca387f5e5aee1185937ecf41b77a5a07f1a Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> Co-authored-by: Maisem Ali <maisem@tailscale.com>
2022-03-12ssh/tailssh: start sending the server versionMaisem Ali1-0/+1
Updates #3802 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-12ssh/tailssh: set DBUS_SESSION_BUS_ADDRESS and SSH_TTY variablesMaisem Ali2-0/+6
Updates #3802 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-12ssh/tailssh: handle terminal opcodesMaisem Ali2-27/+95
Updates #3802 #4146 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-12go.mod: move from github.com/gliderlabs/ssh to github.com/tailscale/sshMaisem Ali3-3/+3
Updates #4146 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-12ssh/tailssh: fix terminal corruption (temporary hack)Brad Fitzpatrick1-1/+9
Maisem figured out the real problem but will take several commits (e.g. tailscale/ssh#2) in different repos to get it fixed properly. This is an interim hack. Details of real fix: https://github.com/tailscale/tailscale/issues/4146#issuecomment-1065952947 Updates #4146 Updates #3802 Change-Id: I7b7dc5713baa3e5de75b87b69e7179a6e7549b0b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-11ssh/tailssh: make pty termios options match OpenSSHBrad Fitzpatrick1-5/+44
Still not sure the exact rules of how/when/who's supposed to set these, but this works for now on making them match. Baby steps. Will research more and adjust later. Updates #4146 (but not enough to fix it, something's still wrong) Updates #3802 Change-Id: I496d8cd7e31d45fe9ede88fc8894f35dc096de67 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-10ssh/tailssh: start login shell, fix arg passing, width/height mismatchBrad Fitzpatrick1-14/+27
Updates #3802 Change-Id: I137d7a79195ee86d5dd7c8999f2797fc3cb57cec Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-10ssh/tailssh, ipnlocal, controlclient: fetch next SSHAction from networkBrad Fitzpatrick1-12/+66
Updates #3802 Change-Id: I08e98805ab86d6bbabb6c365ed4526f54742fd8e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-09ssh/tailssh: handle local port forwardingMaisem Ali2-3/+54
Updates #3802 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-08ssh/tailssh: use lu.Username not lu.Name.Maisem Ali1-1/+1
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-08ssh/tailssh: create login sessions for new connectionsMaisem Ali4-186/+593
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-03-01ssh/tailssh: skip flaky test on CI for nowBrad Fitzpatrick1-0/+3
Updates #4051 Change-Id: I94f2165dd248eba9ca3f782c907a13bd6dde4a5e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-28ipn/store: add common package for instantiating ipn.StateStoresMaisem Ali1-2/+2
Also move KubeStore and MemStore into their own package. RELNOTE: tsnet now supports providing a custom ipn.StateStore. Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-02-24ssh/tailssh: add more SSH tests, blend in env from ssh sessionBrad Fitzpatrick2-8/+78
Updates #3802 Change-Id: I568c661cacbb0524afcd8be9577457ddba611f19 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-24cmd/tailscaled/childproc: add be-child registration mechanismBrad Fitzpatrick1-0/+10
For ssh and maybe windows service babysitter later. Updates #3802 Change-Id: I7492b98df98971b3fb72d148ba92c2276cca491f Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-24ssh/tailssh: add start of real ssh testsBrad Fitzpatrick2-12/+104
Updates #3802 Change-Id: I9aea4250062d3a06ca7a5e71a81d31c27a988615 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-24ssh: make it build on darwinBrad Fitzpatrick2-4/+4
For local dev testing initially. Product-wise, it'll probably only be workable on the two unsandboxed builds. Updates #3802 Change-Id: Ic352f966e7fb29aff897217d79b383131bf3f92b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-24ssh/tailssh: fix non-interactive commands as non-root userBrad Fitzpatrick1-3/+6
Updates #3802 Change-Id: I89a3f14420b8782bc407b1939dce54a1d24636da Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-24ssh/tailssh: break a method into half in prep for testingBrad Fitzpatrick2-9/+108
And add a private context type in the process. Updates #3802 Change-Id: I257187f4cfb0f2248d95b81c1dfe0911ef203b60 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-24ssh/tailssh: rename sshContext to sshConnInfoBrad Fitzpatrick2-24/+24
So it's not confused for a context.Context and we can add contexts later and not look like we have two. Updates #3802 Change-Id: Icf229ae2c020d173f3cbf09a13ccd03a60cbb85e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-23ssh/tailssh: flesh out env, support non-pty commandsBrad Fitzpatrick1-31/+105
Updates #3802 Change-Id: I7022460117542a5424919144828bf571c7c19ec0 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-18ssh/tailssh: get login shell when running as non-rootBrad Fitzpatrick1-5/+35
And also reject attempts to use other users. Updates #3802 Change-Id: Iddc85f6ea2dba17d12be66a50408d24c1f92833e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-18ssh/tailssh: evaluate tailcfg.SSHPolicy on incoming connectionsBrad Fitzpatrick2-13/+317
Updates #3802 Fixes #3960 Change-Id: Ieda2007d462ddce6c217b958167417ae9755774e Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-17tailcfg, ipn/ipnlocal: add Hostinfo.SSH_HostKeys, send when SSH enabledBrad Fitzpatrick1-1/+1
(The name SSH_HostKeys is bad but SSHHostKeys is worse.) Updates #3802 Change-Id: I2a889019c9e8b065b668dd58140db4fcab868a91 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-17ipnlocal, tailssh: start moving host key stuff into the right spotBrad Fitzpatrick1-11/+7
Make tailssh ask LocalBackend for the SSH hostkeys, as we'll need to distribute them to peers. For now only the hacky use-same-as-actual-host mode is implemented. Updates #3802 Change-Id: I819dcb25c14e42e6692c441186c1dc744441592b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-15ssh/tailssh: move SSH code from wgengine/netstack to this new packageBrad Fitzpatrick1-0/+156
Still largely incomplete, but in a better home now. Updates #3802 Change-Id: I46c5ffdeb12e306879af801b06266839157bc624 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.