serve sftp: add support for multiple host keys by repeating --key flag

This commit is contained in:
Maxime Suret 2020-05-09 15:43:17 +02:00 committed by GitHub
parent c80b6d96dd
commit 79d29bb41e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 31 additions and 29 deletions

View File

@ -206,13 +206,14 @@ func (s *server) serve() (err error) {
}
// Load the private key, from the cache if not explicitly configured
keyPath := s.opt.Key
keyPaths := s.opt.HostKeys
cachePath := filepath.Join(config.CacheDir, "serve-sftp")
if keyPath == "" {
keyPath = filepath.Join(cachePath, "id_rsa")
if len(keyPaths) == 0 {
keyPaths = []string{filepath.Join(cachePath, "id_rsa")}
}
for _, keyPath := range keyPaths {
private, err := loadPrivateKey(keyPath)
if err != nil && s.opt.Key == "" {
if err != nil && len(s.opt.HostKeys) == 0 {
fs.Debugf(nil, "Failed to load %q: %v", keyPath, err)
// If loading a cached key failed, make the keys and retry
err = os.MkdirAll(cachePath, 0700)
@ -234,6 +235,7 @@ func (s *server) serve() (err error) {
fs.Debugf(nil, "Loaded private key from %q", keyPath)
s.config.AddHostKey(private)
}
// Once a ServerConfig has been configured, connections can be
// accepted.

View File

@ -20,7 +20,7 @@ import (
// Options contains options for the http Server
type Options struct {
ListenAddr string // Port to listen on
Key string // Path to private host key
HostKeys []string // Paths to private host keys
AuthorizedKeys string // Path to authorized keys file
User string // single username
Pass string // password for user
@ -40,7 +40,7 @@ var Opt = DefaultOpt
func AddFlags(flagSet *pflag.FlagSet, Opt *Options) {
rc.AddOption("sftp", &Opt)
flags.StringVarP(flagSet, &Opt.ListenAddr, "addr", "", Opt.ListenAddr, "IPaddress:Port or :Port to bind server to.")
flags.StringVarP(flagSet, &Opt.Key, "key", "", Opt.Key, "SSH private host key file (leave blank to auto generate)")
flags.StringArrayVarP(flagSet, &Opt.HostKeys, "key", "", Opt.HostKeys, "SSH private host key file (Can be multi-valued, leave blank to auto generate)")
flags.StringVarP(flagSet, &Opt.AuthorizedKeys, "authorized-keys", "", Opt.AuthorizedKeys, "Authorized keys file")
flags.StringVarP(flagSet, &Opt.User, "user", "", Opt.User, "User name for authentication.")
flags.StringVarP(flagSet, &Opt.Pass, "pass", "", Opt.Pass, "Password for authentication.")