balki/pgweb
1
0
Fork 0
Code Pull Requests Activity

Add support for encrypted ssh keys

Browse Source
This commit is contained in:
Dan Sosedoff
2019-11-02 12:44:04 -05:00
parent 9e64bb5eec
commit 7475f398b1
30 changed files with 1748 additions and 237 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
pkg/client/tunnel.go
View File

@@ -13,6 +13,7 @@ import (
"sync"
"time"
"github.com/ScaleFT/sshkeys"
"golang.org/x/crypto/ssh"
"github.com/sosedoff/pgweb/pkg/connection"
@@ -52,13 +53,22 @@ func fileExists(path string) bool {
return err == nil
}
func parsePrivateKey(keyPath string) (ssh.Signer, error) {
func parsePrivateKey(keyPath string, keyPass string) (ssh.Signer, error) {
buff, err := ioutil.ReadFile(keyPath)
if err != nil {
return nil, err
}
return ssh.ParsePrivateKey(buff)
signer, err := ssh.ParsePrivateKey(buff)
if err != nil {
if strings.Contains(err.Error(), "cannot decode encrypted private keys") {
if keyPass == "" {
return nil, errors.New("SSH key password is not provided")
}
return sshkeys.ParseEncryptedPrivateKey(buff, []byte(keyPass))
}
}
return signer, err
}
func makeConfig(info *shared.SSHInfo) (*ssh.ClientConfig, error) {
@@ -77,7 +87,7 @@ func makeConfig(info *shared.SSHInfo) (*ssh.ClientConfig, error) {
}
// Appen public key authentication method
key, err := parsePrivateKey(keyPath)
key, err := parsePrivateKey(keyPath, info.KeyPassword)
if err != nil {
return nil, err
}