Load user profile when SSH (#380)

This PR fixes issues with the terminal when
running netbird ssh to a remote agent.
Every session looks up a user and loads its
profile. If no user is found, the connection is rejected.
The default user is root.
This commit is contained in:
Misha Bragin
2022-07-07 11:24:38 +02:00
committed by GitHub
parent 49e9113e0f
commit d4a3ee9d87
5 changed files with 137 additions and 13 deletions

View File

@ -7,6 +7,7 @@ import (
nbstatus "github.com/netbirdio/netbird/client/status"
"math/rand"
"net"
"reflect"
"runtime"
"strings"
"sync"
@ -174,6 +175,13 @@ func (e *Engine) Stop() error {
}
}
if !isNil(e.sshServer) {
err := e.sshServer.Stop()
if err != nil {
log.Warnf("failed stopping the SSH server: %v", err)
}
}
log.Infof("stopped Netbird Engine")
return nil
@ -301,7 +309,7 @@ func (e *Engine) removeAllPeers() error {
func (e *Engine) removePeer(peerKey string) error {
log.Debugf("removing peer from engine %s", peerKey)
if e.sshServer != nil {
if !isNil(e.sshServer) {
e.sshServer.RemoveAuthorizedKey(peerKey)
}
@ -434,6 +442,10 @@ func (e *Engine) handleSync(update *mgmProto.SyncResponse) error {
return nil
}
func isNil(server nbssh.Server) bool {
return server == nil || reflect.ValueOf(server).IsNil()
}
func (e *Engine) updateSSH(sshConf *mgmProto.SSHConfig) error {
if sshConf.GetSshEnabled() {
if runtime.GOOS == "windows" {
@ -441,7 +453,7 @@ func (e *Engine) updateSSH(sshConf *mgmProto.SSHConfig) error {
return nil
}
// start SSH server if it wasn't running
if e.sshServer == nil {
if isNil(e.sshServer) {
//nil sshServer means it has not yet been started
var err error
e.sshServer, err = e.sshServerFunc(e.config.SSHKey,
@ -466,7 +478,7 @@ func (e *Engine) updateSSH(sshConf *mgmProto.SSHConfig) error {
}
} else {
// Disable SSH server request, so stop it if it was running
if e.sshServer != nil {
if !isNil(e.sshServer) {
err := e.sshServer.Stop()
if err != nil {
log.Warnf("failed to stop SSH server %v", err)
@ -597,7 +609,7 @@ func (e *Engine) updateNetworkMap(networkMap *mgmProto.NetworkMap) error {
}
// update SSHServer by adding remote peer SSH keys
if e.sshServer != nil {
if !isNil(e.sshServer) {
for _, config := range networkMap.GetRemotePeers() {
if config.GetSshConfig() != nil && config.GetSshConfig().GetSshPubKey() != nil {
err := e.sshServer.AddAuthorizedKey(config.WgPubKey, string(config.GetSshConfig().GetSshPubKey()))