From 0a6aa355089d2a74fbe0198dda54dd3d0aa0d427 Mon Sep 17 00:00:00 2001 From: iuu <2167162990@qq.com> Date: Fri, 21 Feb 2025 10:35:13 +0000 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=20sshtunnel/ssh.go?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 新增密钥登陆功能 --- sshtunnel/ssh.go | 148 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 146 insertions(+), 2 deletions(-) diff --git a/sshtunnel/ssh.go b/sshtunnel/ssh.go index fc37d69..ad924b3 100644 --- a/sshtunnel/ssh.go +++ b/sshtunnel/ssh.go @@ -46,8 +46,39 @@ func (st *SSHTunnel) GetSSHClient() (*ssh.Client, error) { } var auth []ssh.AuthMethod auth = make([]ssh.AuthMethod, 0) - auth = append(auth, ssh.Password(st.config.Pass)) + // 如果配置中有密钥字符串,使用密钥认证 + if st.config.Key != "" { + //fmt.Println(st.config.Key) + if st.config.KeyPass != "" { + // 使用 passphrase 解密密钥字符串 + passphrase := "admin" // 提供密码来解密密钥 + // 解析加密的密钥字符串 + signer, err := ssh.ParsePrivateKeyWithPassphrase([]byte(st.config.Key), []byte(passphrase)) + if err != nil { + return nil, fmt.Errorf("解析私钥失败: %v", err) + } + auth = append(auth, ssh.PublicKeys(signer)) + } else { + //signer, err := ssh.ParsePrivateKeyWithPassphrase([]byte(st.config.Key), []byte(passphrase)) + //if err != nil { + // return nil, fmt.Errorf("解析私钥失败: %v", err) + //} + + // 解析密钥字符串 + signer, err := ssh.ParsePrivateKey([]byte(st.config.Key)) + if err != nil { + return nil, fmt.Errorf("解析私钥失败: %v", err) + } + + auth = append(auth, ssh.PublicKeys(signer)) + } + } else { + // 否则使用密码认证 + auth = append(auth, ssh.Password(st.config.Pass)) + } + + // 创建 SSH 客户端配置 sc := &ssh.ClientConfig{ User: st.config.User, Auth: auth, 
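Review bot: The encrypted-key branch never uses the configured passphrase: it tests `st.config.KeyPass != ""` but then decrypts with the hard-coded `passphrase := "admin"`, so a key protected by any other passphrase fails to parse and a credential ends up in the source. Drop the local variable and call `ssh.ParsePrivateKeyWithPassphrase([]byte(st.config.Key), []byte(st.config.KeyPass))`. The commented-out `//fmt.Println(st.config.Key)` should be deleted rather than kept, because re-enabling it would write the private key to stdout. The `fmt.Errorf` calls could wrap with `%w` instead of `%v` so callers can inspect the parse error. GetSSHClient starts above this hunk and continues into the next one.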
@@ -55,15 +86,128 @@ func (st *SSHTunnel) GetSSHClient() (*ssh.Client, error) { return nil }, } + + // 尝试连接 SSH 服务器 var err error st.client, err = ssh.Dial("tcp", st.config.Addr, sc) if err != nil { return nil, err } + log.Printf("连接到服务器成功: %s", st.config.Addr) - return st.client, err + return st.client, nil } +//func (st *SSHTunnel) GetSSHClient() (*ssh.Client, error) { +// if st.client != nil { +// return st.client, nil +// } +// var auth []ssh.AuthMethod +// auth = make([]ssh.AuthMethod, 0) +// auth = append(auth, ssh.Password(st.config.Pass)) +// +// sc := &ssh.ClientConfig{ +// User: st.config.User, +// Auth: auth, +// HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error { +// return nil +// }, +// } +// var err error +// st.client, err = ssh.Dial("tcp", st.config.Addr, sc) +// if err != nil { +// return nil, err +// } +// log.Printf("连接到服务器成功: %s", st.config.Addr) +// return st.client, err +//} + +//func (st *SSHTunnel) GetSSHClient() (*ssh.Client, error) { +// if st.client != nil { +// return st.client, nil +// } +// var auth []ssh.AuthMethod +// auth = make([]ssh.AuthMethod, 0) +// +// // 如果配置中有密钥文件路径,使用密钥认证 +// if st.config.Key != "" { +// key, err := ioutil.ReadFile(st.config.Key) +// if err != nil { +// return nil, fmt.Errorf("读取密钥文件失败: %v", err) +// } +// +// // 使用私钥进行认证 +// signer, err := ssh.ParsePrivateKey(key) +// if err != nil { +// return nil, fmt.Errorf("解析私钥失败: %v", err) +// } +// auth = append(auth, ssh.PublicKeys(signer)) +// } else { +// // 否则使用密码认证 +// auth = append(auth, ssh.Password(st.config.Pass)) +// } +// +// // 创建 SSH 客户端配置 +// sc := &ssh.ClientConfig{ +// User: st.config.User, +// Auth: auth, +// HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error { +// return nil +// }, +// } +// +// // 尝试连接 SSH 服务器 +// var err error +// st.client, err = ssh.Dial("tcp", st.config.Addr, sc) +// if err != nil { +// return nil, err +// } +// +// log.Printf("连接到服务器成功: %s", st.config.Addr) +// 
return st.client, nil +//} + +//func (st *SSHTunnel) GetSSHClient() (*ssh.Client, error) { +// if st.client != nil { +// return st.client, nil +// } +// var auth []ssh.AuthMethod +// auth = make([]ssh.AuthMethod, 0) +// +// // 如果配置中有密钥字符串,使用密钥认证 +// if st.config.Key != "" { +// fmt.Println(st.config.Key) +// // 解析密钥字符串 +// signer, err := ssh.ParsePrivateKey([]byte(st.config.Key)) +// if err != nil { +// return nil, fmt.Errorf("解析私钥失败: %v", err) +// } +// auth = append(auth, ssh.PublicKeys(signer)) +// } else { +// // 否则使用密码认证 +// auth = append(auth, ssh.Password(st.config.Pass)) +// } +// +// // 创建 SSH 客户端配置 +// sc := &ssh.ClientConfig{ +// User: st.config.User, +// Auth: auth, +// HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error { +// return nil +// }, +// } +// +// // 尝试连接 SSH 服务器 +// var err error +// st.client, err = ssh.Dial("tcp", st.config.Addr, sc) +// if err != nil { +// return nil, err +// } +// +// log.Printf("连接到服务器成功: %s", st.config.Addr) +// return st.client, nil +//} + func (st *SSHTunnel) connect(t Tunnel) { tid := fmt.Sprintf("%s-%s", t.Local, t.Remote) ll, err := net.Listen("tcp", t.Local)
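Review bot: The three commented-out copies of `GetSSHClient` added after the function should be removed; version control already keeps the earlier variants, and one copy contains a live-looking `fmt.Println(st.config.Key)` that would print the private key if it were ever restored. Separately, the context at the top of this hunk (`return nil` closing what the commented copies show as `HostKeyCallback`) appears to accept any server host key. That means the new key login still authenticates to an unverified server. Pinning the key with `ssh.FixedHostKey(...)` or using a known_hosts callback from `golang.org/x/crypto/ssh/knownhosts` would close that gap. The `log.Printf` line is fine as is, since it logs only the address.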