SSH Server with commands filtering
Hi, I am willing to deploy on my server an SSH daemon which I can control what commands can be executed, and by who. After playing with jailkit [link] I realised that implementing my own SSH server will give me more power and scalability (especially regarding of users, keys and accounts management).
Naturally I approached twisted knowing it will solve this problem as a smart kiddo solves a simple safari puzzle.
Playing with samples found on the web and at Twisted docs, I realised that twisted has everything I need for the task, but I am missing the knowledge of how to glue it all together.
In fact, a command if not working on the first strike, works on the second try.
at http://gist.github.com/37446 I pasted the server.py code. which is a modification of what I've found at: http://twistedmatrix.com/projects/conch/documentation/examples/sshsimpleserv...
for instance trying to run git over ssh yeilds error at first, and when running again seems to be working. below is the console output on the client side
#first attempt tzury@regulus:~$ git clone ssh://tzury@localhost:5022/home/tzury/devel/ice/snoip/freespeech clone-repo7 Initialized empty Git repository in /home/tzury/clone-repo7/.git/ remote: Counting objects: 347, done. remote: Compressing objects: 100% (232/232), done. Receiving objects: 100% (347/347), 91.75 KiB, done. remote: Total 347 (delta 234), reused 177 (delta 114) fatal: The remote end hung up unexpectedly Resolving deltas: 100% (234/234), done. error: waitpid (async) failed fatal: error in sideband demultiplexer
#second attempt tzury@regulus:~$ git clone ssh://tzury@localhost:5022/home/tzury/devel/ice/snoip/freespeech clone-repo7 Initialized empty Git repository in /home/tzury/clone-repo7/.git/ remote: Counting objects: 347, done. remote: Compressing objects: 100% (232/232), done. Receiving objects: 100% (347/347), 91.75 KiB, done. remote: Total 347 (delta 234), reused 177 (delta 114) Resolving deltas: 100% (234/234), done. tzury@regulus:~$
Hi, I am willing to deploy on my server an SSH daemon which I can control what commands can be executed, and by who. After playing with jailkit [link] I realised that implementing my own SSH server will give me more power and scalability (especially regarding of users, keys and accounts management).
Naturally I approached twisted knowing it will solve this problem as a smart kiddo solves a simple safari puzzle.
Playing with samples found on the web and at Twisted docs, I realised that twisted has everything I need for the task, but I am missing the knowledge of how to glue it all together.
In fact, a command if not working on the first strike, works on the second try.
at http://gist.github.com/37446 I pasted the server.py code. which is a modification of what I've found at: http://twistedmatrix.com/projects/conch/documentation/examples/sshsimpleserv...
for instance trying to run git over ssh yeilds error at first, and when running again seems to be working. below is the console output on the client side
#first attempt tzury@regulus:~$ git clone ssh://tzury@localhost:5022/home/tzury/devel/ice/snoip/freespeech clone-repo7 Initialized empty Git repository in /home/tzury/clone-repo7/.git/ remote: Counting objects: 347, done. remote: Compressing objects: 100% (232/232), done. Receiving objects: 100% (347/347), 91.75 KiB, done. remote: Total 347 (delta 234), reused 177 (delta 114) fatal: The remote end hung up unexpectedly Resolving deltas: 100% (234/234), done. error: waitpid (async) failed fatal: error in sideband demultiplexer
#second attempt tzury@regulus:~$ git clone ssh://tzury@localhost:5022/home/tzury/devel/ice/snoip/freespeech clone-repo7 Initialized empty Git repository in /home/tzury/clone-repo7/.git/ remote: Counting objects: 347, done. remote: Compressing objects: 100% (232/232), done. Receiving objects: 100% (347/347), 91.75 KiB, done. remote: Total 347 (delta 234), reused 177 (delta 114) Resolving deltas: 100% (234/234), done. tzury@regulus:~$
participants (1)
-
Tzury Bar Yochay