Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

-i flag for tsh ssh implementation. #1063

Closed
wants to merge 9 commits into from
Closed

-i flag for tsh ssh implementation. #1063

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
91bd5d6
Minor chnges to tctl (langauge/naming)
kontsevoy Jun 10, 2017
c0d7ecb
Merge remote-tracking branch 'origin/master' into ev/i
kontsevoy Jun 10, 2017
7ed43d6
Removed "upserted" language from tctl CLI
kontsevoy Jun 10, 2017
efaf2dc
Added a bit more logging to session creation code
kontsevoy Jun 10, 2017
37319d6
Implemented identity loading
kontsevoy Jun 11, 2017
ef790ee
Added host authorization to identity-based auth
kontsevoy Jun 12, 2017
3ff5820
Covered host authentication with tests
kontsevoy Jun 12, 2017
d046eae
Merge branch 'master' into ev/i
kontsevoy Jun 12, 2017
63cef00
Code review edits
kontsevoy Jun 12, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,13 @@ LIBS = $(shell find lib -type f -name '*.go') *.go
.PHONY: all
all: $(VERSRC) $(BINARIES)

$(BUILDDIR)/tctl: $(LIBS) $(TOOLS) tool/tctl/*.go
$(BUILDDIR)/tctl: $(LIBS) $(TOOLS) tool/tctl/common/*.go tool/tctl/*go
go build -o $(BUILDDIR)/tctl -i $(BUILDFLAGS) ./tool/tctl

$(BUILDDIR)/teleport: $(LIBS) tool/teleport/*.go tool/teleport/common/*.go
go build -o $(BUILDDIR)/teleport -i $(BUILDFLAGS) ./tool/teleport

$(BUILDDIR)/tsh: $(LIBS) tool/tsh/*.go
$(BUILDDIR)/tsh: $(LIBS) tool/tsh/*.go tool/tsh/common/*go
go build -o $(BUILDDIR)/tsh -i $(BUILDFLAGS) ./tool/tsh

.PHONY: goinstall
Expand Down
1 change: 1 addition & 0 deletions fixtures/certs/identities/ca.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
@cert-authority *.turing.local ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEk4cVIiydp9xSPIb8UqXpShY8zPlk/lpR69UL+0+RnNXtQl7GcQUZsrXDB2gOCfj+doKZj8Pt8oQVSDJF/vKhr+KS2Z+LC2Gyt8D5IY/acyyhSN5VoIo0JzIOr5CPGJNpLChREFuveV30hLihSfY52cqSvu7N5u34BlZ29WTLeBD9WssAG5HZUES8Xo3neHBl4SOck+mdiUvOIPhcnPiYRmYltOI3GJRu5y1xGemoPU3MnMziQMqnKCc2+To6IC8CkeQqa8D//BxLjenjSgn1K/SLUHraMb5qCmf77fyshj6A9jamgo0UOaOqem+jyg8idnz6JbVfXwW0nEaSyPzX type=host
28 changes: 28 additions & 0 deletions fixtures/certs/identities/cert-key.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
[email protected] AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg0NeCnpO5ZAzWmMX6XwjrFyDi+JRrPLNb0vrEYqJp+bEAAAADAQABAAABAQC96eyjDJkj80k2JJ2imXQTXb4VfjEXHxPClX4uw0Th7dJ6NxvKb+AfAbaFdYu3xJjyUhFkHg0hPtMhe/ubq0wrejkTtYwd87iWj8wu+aiSziRexphXClxNt8RWv+1mgAVZuBSPHg4jykrYzpaQOqmIiOcMBpumFpwA2cXNRgLbEdZ4uwpNjBYwxGigh1m50OiFvcXFvrwvGkkqDwExIaCqSoK+E3NmTLt6I5eTVvjdhxSzKqwF65vY9XWqh4w1JP2NHCQSkyh2rlC4WM0mpkyL4ZmJdIsRFj1DxN7Ovma6HS8AKJeiDyShuWounwCsoK33onjr+ib9cYUAvsKTdB9pAAAAAAAAAAAAAAABAAAACmVrb250c2V2b3kAAAAOAAAACmVrb250c2V2b3kAAAAAAAAAAAAAAABZPPDKAAAAAAAAAHYAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOdGVsZXBvcnQtcm9sZXMAAAAwAAAALHsidmVyc2lvbiI6InYxIiwicm9sZXMiOlsidXNlcjpla29udHNldm95Il19AAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAMA/0pVkfFhDPUDosZpM9nP/r/t6tORkmhXCxMkLZiS7+kg0htYSDLmwFGfzgSbYAH6Bryu9BZOxv1W23WW9oW7IdJpwfCpuyzFoRN0/2mHhAAHETtxucksTgYNwN+dDXF/IzG/QGVYswP4ENte4ZuNsd3bquBu+opK7CXU4B+UtsY0JUcV7gU5TzCZBdFpzLgB2VUpiHlFg0PUuV74aZmwzHlwoONBSIn2FZpHmvN2ZUdqTHSjof1vgH20cScMWGk05dFuM5gWjHEYC1gwdPpmTGcgN93SAQwKiAUQ6ZnJ+lVhzSp+/vxVz/aecDnrza+xI26DnB/nEEiCMu92WYxEAAAEPAAAAB3NzaC1yc2EAAAEAQRUml83QKsEeWB0WswfR1rvEzzumYRn/CAMTSGsF99bNzHmZ0lJbwCzNdl0hlJ3tGVPhANL5WwWuiLN1q6O8qrUU4cGJK3L8eNFUXmJIVc1xH2bIaws+nHikqPHnxbtAzJBbHeCngBX7eVT69bW6AdgWSHSzlPRaAaApMoEwVIMKOLiedjy7D9s/Cd+GtOtxTMoG/LmFBnvUiuXWwiQ658MRrg65ATl0x24ErJqz2cnj52Sy5G6SNUrENRqkP8TxRtp6a+FT1oJQ/2LqLwnlPQpb41j6fDqLRa47NU2TRnYRv0rhCMHO5tIhA51qhRlU9R2m5BH5o1JswN/phMgbjg==
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAvensowyZI/NJNiSdopl0E12+FX4xFx8TwpV+LsNE4e3Sejcb
ym/gHwG2hXWLt8SY8lIRZB4NIT7TIXv7m6tMK3o5E7WMHfO4lo/MLvmoks4kXsaY
VwpcTbfEVr/tZoAFWbgUjx4OI8pK2M6WkDqpiIjnDAabphacANnFzUYC2xHWeLsK
TYwWMMRooIdZudDohb3Fxb68LxpJKg8BMSGgqkqCvhNzZky7eiOXk1b43YcUsyqs
Beub2PV1qoeMNST9jRwkEpModq5QuFjNJqZMi+GZiXSLERY9Q8Tezr5muh0vACiX
og8koblqLp8ArKCt96J46/om/XGFAL7Ck3QfaQIDAQABAoIBAQC8/4DNXytEWMiC
RnxOJhMbds5Fy3kFPptGqcmStifmA+zUTeWtWBseIHFJbgqmztM7TKscDMAaVtB8
4Usrx5SdLByDXchcwoDv7ZlRIoo910Lgwxk2fgwQGBMgFg8nU75/ZC+pokqGGbrU
+vth+89eHoh5MlZSOuvz+MXeHI+Y/Pep5l6reqV3c4EqvncV8Ws31+wNRlpJJZ5a
hpJhwJTkFW9Ry/ifQ7Ub/mYOrXKe1Y8eak6zFMab//8t9zxSTzCPwNrXMx8AzCZy
G3TBw2UEkU2dUFH3/5hg7tgdE+xPYH/6tGozmE1luK+LRIJ/bd9uW7sSGXQq8bGB
u/M9LmeRAoGBANz+Rvhzl5cjjvUpjLcsu2tGjWK5uAvbcHTQd8bjHQINtKTQREFo
CoEA8DD6qiyhgwuH7BIVNjjOr9LcMjuorgbcVTOBVM5RLG7KUUPCDDejlmLI+s9w
8VKv6Vx8bt8901IUsIhNJtfoZOXEBbJVDsU3iD5zFrA9dj2EQNWG2D8lAoGBANv/
T4NMs174oyrZYRTHOoepvlvX9zm9Ptcz9P7GcdZbg3jkQSXKAZqUwczDT8FzdxXH
ycwaCsVpikEPGJaKCnhSV1Kh2tR8H05kOxPy3vzpzsFtfrFyTPFzydOES//A+ZHD
ydcNph1K8Ztx+1YzTOj9KjOyuRpb5kUvO2c4zp31AoGBAK9HTusIY5eQsHZq+hze
8dfoIYPIYd2lstAz+Ixa3kseq8R9G2X1Kz+eiuOOLSMxB0tCB09gW5068eGAnKcM
5tqyLzGmxqjNYTyOY14mrqICseiwF54oqn823xRn7VhLJSzZFBtHdiORQ1Wp4ArN
w+VQYlOF3Nz0IrAwEWxKg4GxAoGBANlBOHShukF/qSMXqRer59ExgBuTG0KZ8QT0
+mzf7GuT1DH+t5dp9kuBvCFKf+i67k9EDbTRwvFRWIcHMXD4wX4xUqr3y/Mq4H+5
293Haw64lsXOK99w0Stg/V80txjKqauZfioyAGnNKOwpk9t8reconBSR2tp9Btor
2q4FG4ZBAoGANLnC8I3eHWSj3/ME+tOCu7EiiDtiE2Kt1UEtreQGyeF/cPBsDiSF
3XxgYO9bCh0TGX52e4Bfffra5f1Hvgw84dESQWunYJByb19a737MI8RN+RHKjaSo
rBjbUpA16Fi8NSro/mXDLCh8mTzu0tPG+e1jqcEVc5JDLYIau12j6jw=
-----END RSA PRIVATE KEY-----
27 changes: 27 additions & 0 deletions fixtures/certs/identities/key
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA2CJktK9jHIrhDEawPr+ougXb6YqoBH6u/iuYcS4CsenvA0No
xlfK2g0JsnfzQmmrLaxAXOFejDfTMzjcC41AC1ev1/cOYO/9daz3HxwktmpNn3FN
krF+XCEvCJwXBqy4n+ZoW3vS5pUb/9CyiGADv9QCQrZuoUjvKX2keI3TSpz7gI+m
Xj/DN5/vZDx9W4cfDXlDryZBMHK/JT/3EpMeCVGOr0W7NqOMvfJZt/G/Ai4MSGBZ
RScmwYYDw/2tjKaCWC4PRxpmzVyrrh3k+LK1kYtCFtSRaxmyrOYeUOk+ew2M19l6
blDx42Xx5y2M1a8NQ2HOP0dCVKcGSJ3Q/B8mxwIDAQABAoIBAQCzQdtKbIiEPL8o
Ylx8vpMfLgrVqLVvfO6ASgIWJLYBf2dHypnUny3UKaoYRhoQw/lAWTPMlPLI0ugs
/ISsZAtxHNnwAa0AQytxdPJE8B+W15Xnnp5bAzEtEiyjNGp4k7pQjFWTQqCJs7PU
OPBJ4XBaomj5kbsxs38AZ3+IqQBMSV2HW0HB01xrO3G5s1i5SnNbU+Vuyl4vo6gm
wUhrdpPGr6lsaeO3bODCO+rcDfam3HYQmbEKnUa34gpmNXoJLeLJmSdlyhv2jsJX
YFlZvegFE1BCoaU5nvwHa0MhitnL4sN0iCZgIzAruFPJ9Bvl0oJ973srpf99gKM7
oq4him4hAoGBANmxrYqwHWwiOZfEk93FcmFxg6lIrgpCIZ8hvjnF3gAa3NGOQepg
i575m70RY4yU3C35+WbaEBAXl9GLcvaK8enoIXchiWqYk9JtltyZXJlPwY76dJZt
T4/icwHFyvgDqd/xEs6eh36SApcgWfPFddgDequV6DvDQOhsPpFmBwARAoGBAP4q
dNrYUuMtiIff6fItuvgf4kB0U6JDFFsTvBG5Po1E9pFplh6lIyHpv+c9T8P6lZho
fGzbY35i8Ov7lqcrVxtEsiqmPWR6QBnHtEuChtC4vb6hl2kV/MlYc+tC4APd23xg
DzYqLdVOJ6RB3rfodPbVYvu01+pkR1NKvwI57RFXAoGBAIHWp1sAj4vfHdqXNFoh
WYck3RIqdyNHLiZrSbnLeg01+F5EKqxPyPaYiXrK1EUUw/3oCgh+JvZyG+qu8XJ6
jK6l9M/JANzDA+eN1VzdW41VNGzClKbjq4B134I/Jj+mb7tRXZY+lzG2hDT+5qeu
LgsYiCGu10RNwHjflrHB2IsBAoGAXLZb/eBfC+N2JCo3ilHIG+51d5F3WH8jk711
IvnxqVJ4pr5fNjqCwEIl8FHbIN/tZbTnfkXg2x94Rnx1jfEvSxEZ9JjDWD2H2F+S
kuDAEK7y9/C17G1K0p9jWXQBhyeMgqf/pIBqS57AsxgcB/XRhKB+BNcI08VUhzuC
xWsf4O0CgYEA0jdKH7Nr+G0kHGb79p3/fEM0H43sdyLXmudXXrym0wDbLNKBY6ny
k+kA63rxsMCKTPIAHcj77Mjw2MnjEwsBKZtNhewr1fv5GgqXI3G7WLKe6W9RFhbj
RMndSXGdA3J8ZJ18CF/pbGTGAhGUx2KQvHIFcXoW23fjqnHMy2mqWWI=
-----END RSA PRIVATE KEY-----
29 changes: 29 additions & 0 deletions fixtures/certs/identities/key-cert-ca.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAvensowyZI/NJNiSdopl0E12+FX4xFx8TwpV+LsNE4e3Sejcb
ym/gHwG2hXWLt8SY8lIRZB4NIT7TIXv7m6tMK3o5E7WMHfO4lo/MLvmoks4kXsaY
VwpcTbfEVr/tZoAFWbgUjx4OI8pK2M6WkDqpiIjnDAabphacANnFzUYC2xHWeLsK
TYwWMMRooIdZudDohb3Fxb68LxpJKg8BMSGgqkqCvhNzZky7eiOXk1b43YcUsyqs
Beub2PV1qoeMNST9jRwkEpModq5QuFjNJqZMi+GZiXSLERY9Q8Tezr5muh0vACiX
og8koblqLp8ArKCt96J46/om/XGFAL7Ck3QfaQIDAQABAoIBAQC8/4DNXytEWMiC
RnxOJhMbds5Fy3kFPptGqcmStifmA+zUTeWtWBseIHFJbgqmztM7TKscDMAaVtB8
4Usrx5SdLByDXchcwoDv7ZlRIoo910Lgwxk2fgwQGBMgFg8nU75/ZC+pokqGGbrU
+vth+89eHoh5MlZSOuvz+MXeHI+Y/Pep5l6reqV3c4EqvncV8Ws31+wNRlpJJZ5a
hpJhwJTkFW9Ry/ifQ7Ub/mYOrXKe1Y8eak6zFMab//8t9zxSTzCPwNrXMx8AzCZy
G3TBw2UEkU2dUFH3/5hg7tgdE+xPYH/6tGozmE1luK+LRIJ/bd9uW7sSGXQq8bGB
u/M9LmeRAoGBANz+Rvhzl5cjjvUpjLcsu2tGjWK5uAvbcHTQd8bjHQINtKTQREFo
CoEA8DD6qiyhgwuH7BIVNjjOr9LcMjuorgbcVTOBVM5RLG7KUUPCDDejlmLI+s9w
8VKv6Vx8bt8901IUsIhNJtfoZOXEBbJVDsU3iD5zFrA9dj2EQNWG2D8lAoGBANv/
T4NMs174oyrZYRTHOoepvlvX9zm9Ptcz9P7GcdZbg3jkQSXKAZqUwczDT8FzdxXH
ycwaCsVpikEPGJaKCnhSV1Kh2tR8H05kOxPy3vzpzsFtfrFyTPFzydOES//A+ZHD
ydcNph1K8Ztx+1YzTOj9KjOyuRpb5kUvO2c4zp31AoGBAK9HTusIY5eQsHZq+hze
8dfoIYPIYd2lstAz+Ixa3kseq8R9G2X1Kz+eiuOOLSMxB0tCB09gW5068eGAnKcM
5tqyLzGmxqjNYTyOY14mrqICseiwF54oqn823xRn7VhLJSzZFBtHdiORQ1Wp4ArN
w+VQYlOF3Nz0IrAwEWxKg4GxAoGBANlBOHShukF/qSMXqRer59ExgBuTG0KZ8QT0
+mzf7GuT1DH+t5dp9kuBvCFKf+i67k9EDbTRwvFRWIcHMXD4wX4xUqr3y/Mq4H+5
293Haw64lsXOK99w0Stg/V80txjKqauZfioyAGnNKOwpk9t8reconBSR2tp9Btor
2q4FG4ZBAoGANLnC8I3eHWSj3/ME+tOCu7EiiDtiE2Kt1UEtreQGyeF/cPBsDiSF
3XxgYO9bCh0TGX52e4Bfffra5f1Hvgw84dESQWunYJByb19a737MI8RN+RHKjaSo
rBjbUpA16Fi8NSro/mXDLCh8mTzu0tPG+e1jqcEVc5JDLYIau12j6jw=
-----END RSA PRIVATE KEY-----
[email protected] AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg0NeCnpO5ZAzWmMX6XwjrFyDi+JRrPLNb0vrEYqJp+bEAAAADAQABAAABAQC96eyjDJkj80k2JJ2imXQTXb4VfjEXHxPClX4uw0Th7dJ6NxvKb+AfAbaFdYu3xJjyUhFkHg0hPtMhe/ubq0wrejkTtYwd87iWj8wu+aiSziRexphXClxNt8RWv+1mgAVZuBSPHg4jykrYzpaQOqmIiOcMBpumFpwA2cXNRgLbEdZ4uwpNjBYwxGigh1m50OiFvcXFvrwvGkkqDwExIaCqSoK+E3NmTLt6I5eTVvjdhxSzKqwF65vY9XWqh4w1JP2NHCQSkyh2rlC4WM0mpkyL4ZmJdIsRFj1DxN7Ovma6HS8AKJeiDyShuWounwCsoK33onjr+ib9cYUAvsKTdB9pAAAAAAAAAAAAAAABAAAACmVrb250c2V2b3kAAAAOAAAACmVrb250c2V2b3kAAAAAAAAAAAAAAABZPPDKAAAAAAAAAHYAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOdGVsZXBvcnQtcm9sZXMAAAAwAAAALHsidmVyc2lvbiI6InYxIiwicm9sZXMiOlsidXNlcjpla29udHNldm95Il19AAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAMA/0pVkfFhDPUDosZpM9nP/r/t6tORkmhXCxMkLZiS7+kg0htYSDLmwFGfzgSbYAH6Bryu9BZOxv1W23WW9oW7IdJpwfCpuyzFoRN0/2mHhAAHETtxucksTgYNwN+dDXF/IzG/QGVYswP4ENte4ZuNsd3bquBu+opK7CXU4B+UtsY0JUcV7gU5TzCZBdFpzLgB2VUpiHlFg0PUuV74aZmwzHlwoONBSIn2FZpHmvN2ZUdqTHSjof1vgH20cScMWGk05dFuM5gWjHEYC1gwdPpmTGcgN93SAQwKiAUQ6ZnJ+lVhzSp+/vxVz/aecDnrza+xI26DnB/nEEiCMu92WYxEAAAEPAAAAB3NzaC1yc2EAAAEAQRUml83QKsEeWB0WswfR1rvEzzumYRn/CAMTSGsF99bNzHmZ0lJbwCzNdl0hlJ3tGVPhANL5WwWuiLN1q6O8qrUU4cGJK3L8eNFUXmJIVc1xH2bIaws+nHikqPHnxbtAzJBbHeCngBX7eVT69bW6AdgWSHSzlPRaAaApMoEwVIMKOLiedjy7D9s/Cd+GtOtxTMoG/LmFBnvUiuXWwiQ658MRrg65ATl0x24ErJqz2cnj52Sy5G6SNUrENRqkP8TxRtp6a+FT1oJQ/2LqLwnlPQpb41j6fDqLRa47NU2TRnYRv0rhCMHO5tIhA51qhRlU9R2m5BH5o1JswN/phMgbjg==
@cert-authority *.turing.local ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEk4cVIiydp9xSPIb8UqXpShY8zPlk/lpR69UL+0+RnNXtQl7GcQUZsrXDB2gOCfj+doKZj8Pt8oQVSDJF/vKhr+KS2Z+LC2Gyt8D5IY/acyyhSN5VoIo0JzIOr5CPGJNpLChREFuveV30hLihSfY52cqSvu7N5u34BlZ29WTLeBD9WssAG5HZUES8Xo3neHBl4SOck+mdiUvOIPhcnPiYRmYltOI3GJRu5y1xGemoPU3MnMziQMqnKCc2+To6IC8CkeQqa8D//BxLjenjSgn1K/SLUHraMb5qCmf77fyshj6A9jamgo0UOaOqem+jyg8idnz6JbVfXwW0nEaSyPzX type=host
28 changes: 28 additions & 0 deletions fixtures/certs/identities/key-cert.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAvensowyZI/NJNiSdopl0E12+FX4xFx8TwpV+LsNE4e3Sejcb
ym/gHwG2hXWLt8SY8lIRZB4NIT7TIXv7m6tMK3o5E7WMHfO4lo/MLvmoks4kXsaY
VwpcTbfEVr/tZoAFWbgUjx4OI8pK2M6WkDqpiIjnDAabphacANnFzUYC2xHWeLsK
TYwWMMRooIdZudDohb3Fxb68LxpJKg8BMSGgqkqCvhNzZky7eiOXk1b43YcUsyqs
Beub2PV1qoeMNST9jRwkEpModq5QuFjNJqZMi+GZiXSLERY9Q8Tezr5muh0vACiX
og8koblqLp8ArKCt96J46/om/XGFAL7Ck3QfaQIDAQABAoIBAQC8/4DNXytEWMiC
RnxOJhMbds5Fy3kFPptGqcmStifmA+zUTeWtWBseIHFJbgqmztM7TKscDMAaVtB8
4Usrx5SdLByDXchcwoDv7ZlRIoo910Lgwxk2fgwQGBMgFg8nU75/ZC+pokqGGbrU
+vth+89eHoh5MlZSOuvz+MXeHI+Y/Pep5l6reqV3c4EqvncV8Ws31+wNRlpJJZ5a
hpJhwJTkFW9Ry/ifQ7Ub/mYOrXKe1Y8eak6zFMab//8t9zxSTzCPwNrXMx8AzCZy
G3TBw2UEkU2dUFH3/5hg7tgdE+xPYH/6tGozmE1luK+LRIJ/bd9uW7sSGXQq8bGB
u/M9LmeRAoGBANz+Rvhzl5cjjvUpjLcsu2tGjWK5uAvbcHTQd8bjHQINtKTQREFo
CoEA8DD6qiyhgwuH7BIVNjjOr9LcMjuorgbcVTOBVM5RLG7KUUPCDDejlmLI+s9w
8VKv6Vx8bt8901IUsIhNJtfoZOXEBbJVDsU3iD5zFrA9dj2EQNWG2D8lAoGBANv/
T4NMs174oyrZYRTHOoepvlvX9zm9Ptcz9P7GcdZbg3jkQSXKAZqUwczDT8FzdxXH
ycwaCsVpikEPGJaKCnhSV1Kh2tR8H05kOxPy3vzpzsFtfrFyTPFzydOES//A+ZHD
ydcNph1K8Ztx+1YzTOj9KjOyuRpb5kUvO2c4zp31AoGBAK9HTusIY5eQsHZq+hze
8dfoIYPIYd2lstAz+Ixa3kseq8R9G2X1Kz+eiuOOLSMxB0tCB09gW5068eGAnKcM
5tqyLzGmxqjNYTyOY14mrqICseiwF54oqn823xRn7VhLJSzZFBtHdiORQ1Wp4ArN
w+VQYlOF3Nz0IrAwEWxKg4GxAoGBANlBOHShukF/qSMXqRer59ExgBuTG0KZ8QT0
+mzf7GuT1DH+t5dp9kuBvCFKf+i67k9EDbTRwvFRWIcHMXD4wX4xUqr3y/Mq4H+5
293Haw64lsXOK99w0Stg/V80txjKqauZfioyAGnNKOwpk9t8reconBSR2tp9Btor
2q4FG4ZBAoGANLnC8I3eHWSj3/ME+tOCu7EiiDtiE2Kt1UEtreQGyeF/cPBsDiSF
3XxgYO9bCh0TGX52e4Bfffra5f1Hvgw84dESQWunYJByb19a737MI8RN+RHKjaSo
rBjbUpA16Fi8NSro/mXDLCh8mTzu0tPG+e1jqcEVc5JDLYIau12j6jw=
-----END RSA PRIVATE KEY-----
[email protected] AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg0NeCnpO5ZAzWmMX6XwjrFyDi+JRrPLNb0vrEYqJp+bEAAAADAQABAAABAQC96eyjDJkj80k2JJ2imXQTXb4VfjEXHxPClX4uw0Th7dJ6NxvKb+AfAbaFdYu3xJjyUhFkHg0hPtMhe/ubq0wrejkTtYwd87iWj8wu+aiSziRexphXClxNt8RWv+1mgAVZuBSPHg4jykrYzpaQOqmIiOcMBpumFpwA2cXNRgLbEdZ4uwpNjBYwxGigh1m50OiFvcXFvrwvGkkqDwExIaCqSoK+E3NmTLt6I5eTVvjdhxSzKqwF65vY9XWqh4w1JP2NHCQSkyh2rlC4WM0mpkyL4ZmJdIsRFj1DxN7Ovma6HS8AKJeiDyShuWounwCsoK33onjr+ib9cYUAvsKTdB9pAAAAAAAAAAAAAAABAAAACmVrb250c2V2b3kAAAAOAAAACmVrb250c2V2b3kAAAAAAAAAAAAAAABZPPDKAAAAAAAAAHYAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOdGVsZXBvcnQtcm9sZXMAAAAwAAAALHsidmVyc2lvbiI6InYxIiwicm9sZXMiOlsidXNlcjpla29udHNldm95Il19AAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAMA/0pVkfFhDPUDosZpM9nP/r/t6tORkmhXCxMkLZiS7+kg0htYSDLmwFGfzgSbYAH6Bryu9BZOxv1W23WW9oW7IdJpwfCpuyzFoRN0/2mHhAAHETtxucksTgYNwN+dDXF/IzG/QGVYswP4ENte4ZuNsd3bquBu+opK7CXU4B+UtsY0JUcV7gU5TzCZBdFpzLgB2VUpiHlFg0PUuV74aZmwzHlwoONBSIn2FZpHmvN2ZUdqTHSjof1vgH20cScMWGk05dFuM5gWjHEYC1gwdPpmTGcgN93SAQwKiAUQ6ZnJ+lVhzSp+/vxVz/aecDnrza+xI26DnB/nEEiCMu92WYxEAAAEPAAAAB3NzaC1yc2EAAAEAQRUml83QKsEeWB0WswfR1rvEzzumYRn/CAMTSGsF99bNzHmZ0lJbwCzNdl0hlJ3tGVPhANL5WwWuiLN1q6O8qrUU4cGJK3L8eNFUXmJIVc1xH2bIaws+nHikqPHnxbtAzJBbHeCngBX7eVT69bW6AdgWSHSzlPRaAaApMoEwVIMKOLiedjy7D9s/Cd+GtOtxTMoG/LmFBnvUiuXWwiQ658MRrg65ATl0x24ErJqz2cnj52Sy5G6SNUrENRqkP8TxRtp6a+FT1oJQ/2LqLwnlPQpb41j6fDqLRa47NU2TRnYRv0rhCMHO5tIhA51qhRlU9R2m5BH5o1JswN/phMgbjg==
1 change: 1 addition & 0 deletions fixtures/certs/identities/key-cert.pub
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
[email protected] AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgdLgAzmQvFSeuCGB+S0rIV0MTdPq7bwJUS9JF6pBKy9YAAAADAQABAAABAQDYImS0r2MciuEMRrA+v6i6BdvpiqgEfq7+K5hxLgKx6e8DQ2jGV8raDQmyd/NCaastrEBc4V6MN9MzONwLjUALV6/X9w5g7/11rPcfHCS2ak2fcU2SsX5cIS8InBcGrLif5mhbe9LmlRv/0LKIYAO/1AJCtm6hSO8pfaR4jdNKnPuAj6ZeP8M3n+9kPH1bhx8NeUOvJkEwcr8lP/cSkx4JUY6vRbs2o4y98lm38b8CLgxIYFlFJybBhgPD/a2MpoJYLg9HGmbNXKuuHeT4srWRi0IW1JFrGbKs5h5Q6T57DYzX2XpuUPHjZfHnLYzVrw1DYc4/R0JUpwZIndD8HybHAAAAAAAAAAAAAAABAAAACmVrb250c2V2b3kAAAAOAAAACmVrb250c2V2b3kAAAAAAAAAAAAAAABZPkg1AAAAAAAAAHYAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOdGVsZXBvcnQtcm9sZXMAAAAwAAAALHsidmVyc2lvbiI6InYxIiwicm9sZXMiOlsidXNlcjpla29udHNldm95Il19AAAAAAAAARcAAAAHc3NoLXJzYQAAAAMBAAEAAAEBAMA/0pVkfFhDPUDosZpM9nP/r/t6tORkmhXCxMkLZiS7+kg0htYSDLmwFGfzgSbYAH6Bryu9BZOxv1W23WW9oW7IdJpwfCpuyzFoRN0/2mHhAAHETtxucksTgYNwN+dDXF/IzG/QGVYswP4ENte4ZuNsd3bquBu+opK7CXU4B+UtsY0JUcV7gU5TzCZBdFpzLgB2VUpiHlFg0PUuV74aZmwzHlwoONBSIn2FZpHmvN2ZUdqTHSjof1vgH20cScMWGk05dFuM5gWjHEYC1gwdPpmTGcgN93SAQwKiAUQ6ZnJ+lVhzSp+/vxVz/aecDnrza+xI26DnB/nEEiCMu92WYxEAAAEPAAAAB3NzaC1yc2EAAAEAmfMaUJlv4LQeOl9908gsYF2QuJxNTGVp9x2SWHkVEhZ05fOrbdWyIc/h3c2xWczwhFPRbJBMziFD2hsnrCxVYbcwM9jSvozwLaEKaoDmuok/ueeFokz5GuOQNV3TGbx58ZtOoH89ebuyl/LQR6f9eR81iZvaZ7URSRWSZRhrYZ9XrNtnvb4ggbP/RJZwi45bvUZ3ybebK+mgoeRoqRVdkp54Wzy/dY0mTHt6MuvBrm3J4FnrLqNNJY+68C1PZTi7ZveAr2NJqJf2QHil1Ar8uuDY7vRK2aU8UMKBgPCdzTm8wGn/9Jy+KnkbXBs+W2V63MmtwA3GYfjrMcWC72nnLg==
27 changes: 27 additions & 0 deletions fixtures/certs/identities/lonekey
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA2CJktK9jHIrhDEawPr+ougXb6YqoBH6u/iuYcS4CsenvA0No
xlfK2g0JsnfzQmmrLaxAXOFejDfTMzjcC41AC1ev1/cOYO/9daz3HxwktmpNn3FN
krF+XCEvCJwXBqy4n+ZoW3vS5pUb/9CyiGADv9QCQrZuoUjvKX2keI3TSpz7gI+m
Xj/DN5/vZDx9W4cfDXlDryZBMHK/JT/3EpMeCVGOr0W7NqOMvfJZt/G/Ai4MSGBZ
RScmwYYDw/2tjKaCWC4PRxpmzVyrrh3k+LK1kYtCFtSRaxmyrOYeUOk+ew2M19l6
blDx42Xx5y2M1a8NQ2HOP0dCVKcGSJ3Q/B8mxwIDAQABAoIBAQCzQdtKbIiEPL8o
Ylx8vpMfLgrVqLVvfO6ASgIWJLYBf2dHypnUny3UKaoYRhoQw/lAWTPMlPLI0ugs
/ISsZAtxHNnwAa0AQytxdPJE8B+W15Xnnp5bAzEtEiyjNGp4k7pQjFWTQqCJs7PU
OPBJ4XBaomj5kbsxs38AZ3+IqQBMSV2HW0HB01xrO3G5s1i5SnNbU+Vuyl4vo6gm
wUhrdpPGr6lsaeO3bODCO+rcDfam3HYQmbEKnUa34gpmNXoJLeLJmSdlyhv2jsJX
YFlZvegFE1BCoaU5nvwHa0MhitnL4sN0iCZgIzAruFPJ9Bvl0oJ973srpf99gKM7
oq4him4hAoGBANmxrYqwHWwiOZfEk93FcmFxg6lIrgpCIZ8hvjnF3gAa3NGOQepg
i575m70RY4yU3C35+WbaEBAXl9GLcvaK8enoIXchiWqYk9JtltyZXJlPwY76dJZt
T4/icwHFyvgDqd/xEs6eh36SApcgWfPFddgDequV6DvDQOhsPpFmBwARAoGBAP4q
dNrYUuMtiIff6fItuvgf4kB0U6JDFFsTvBG5Po1E9pFplh6lIyHpv+c9T8P6lZho
fGzbY35i8Ov7lqcrVxtEsiqmPWR6QBnHtEuChtC4vb6hl2kV/MlYc+tC4APd23xg
DzYqLdVOJ6RB3rfodPbVYvu01+pkR1NKvwI57RFXAoGBAIHWp1sAj4vfHdqXNFoh
WYck3RIqdyNHLiZrSbnLeg01+F5EKqxPyPaYiXrK1EUUw/3oCgh+JvZyG+qu8XJ6
jK6l9M/JANzDA+eN1VzdW41VNGzClKbjq4B134I/Jj+mb7tRXZY+lzG2hDT+5qeu
LgsYiCGu10RNwHjflrHB2IsBAoGAXLZb/eBfC+N2JCo3ilHIG+51d5F3WH8jk711
IvnxqVJ4pr5fNjqCwEIl8FHbIN/tZbTnfkXg2x94Rnx1jfEvSxEZ9JjDWD2H2F+S
kuDAEK7y9/C17G1K0p9jWXQBhyeMgqf/pIBqS57AsxgcB/XRhKB+BNcI08VUhzuC
xWsf4O0CgYEA0jdKH7Nr+G0kHGb79p3/fEM0H43sdyLXmudXXrym0wDbLNKBY6ny
k+kA63rxsMCKTPIAHcj77Mjw2MnjEwsBKZtNhewr1fv5GgqXI3G7WLKe6W9RFhbj
RMndSXGdA3J8ZJ18CF/pbGTGAhGUx2KQvHIFcXoW23fjqnHMy2mqWWI=
-----END RSA PRIVATE KEY-----
17 changes: 11 additions & 6 deletions lib/client/api.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -914,6 +914,8 @@ func (tc *TeleportClient) authMethods() []ssh.AuthMethod {

// ConnectToProxy dials the proxy server and returns ProxyClient if successful
func (tc *TeleportClient) ConnectToProxy() (*ProxyClient, error) {
var err error

proxyPrincipal := tc.getProxySSHPrincipal()
proxyAddr := tc.Config.ProxySSHHostPort()
sshConfig := &ssh.ClientConfig{
Expand All @@ -939,9 +941,10 @@ func (tc *TeleportClient) ConnectToProxy() (*ProxyClient, error) {
// try to authenticate using every non interactive auth method we have:
for i, m := range tc.authMethods() {
log.Infof("[CLIENT] connecting proxy=%v login='%v' method=%d", proxyAddr, sshConfig.User, i)
var sshClient *ssh.Client

sshConfig.Auth = []ssh.AuthMethod{m}
sshClient, err := ssh.Dial("tcp", proxyAddr, sshConfig)
sshClient, err = ssh.Dial("tcp", proxyAddr, sshConfig)
if err != nil {
if utils.IsHandshakeFailedError(err) {
log.Warn(err)
Expand All @@ -953,9 +956,12 @@ func (tc *TeleportClient) ConnectToProxy() (*ProxyClient, error) {
return makeProxyClient(sshClient, m), nil
}
// we have exhausted all auth existing auth methods and local login
// is disabled in configuration
if tc.Config.SkipLocalAuth {
return nil, trace.BadParameter("failed to authenticate with proxy %v", proxyAddr)
// is disabled in configuration, or the user refused connecting to untrusted hosts
if tc.Config.SkipLocalAuth || tc.localAgent.UserRefusedHosts() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It might be useful to have these in separate blocks then return different errors. Knowing if authentication failed because because all auth methods were exhausted or because of an invalid host certificate would be useful when debugging issues.

if err == nil {
err = trace.BadParameter("failed to authenticate with proxy %v", proxyAddr)
}
return nil, trace.Wrap(err)
}
// if we get here, it means we failed to authenticate using stored keys
// and we need to ask for the login information
Expand All @@ -968,7 +974,6 @@ func (tc *TeleportClient) ConnectToProxy() (*ProxyClient, error) {
}
return nil, trace.Wrap(err)
}

// After successfull login we have local agent updated with latest
// and greatest auth information, try it now
sshConfig.Auth = []ssh.AuthMethod{authMethod}
Expand Down Expand Up @@ -1041,7 +1046,7 @@ func (tc *TeleportClient) Login() (*CertAuthMethod, error) {
// extract the new certificate out of the response
key.Cert = response.Cert

// save the list of CAs we trust to the cache file
// save the list of CAs we trust to ~/.tsh/known_hosts
err = tc.localAgent.AddHostSignersToCache(response.HostSigners)
if err != nil {
return nil, trace.Wrap(err)
Expand Down
Loading