From bc4ec4126bd30f12587f65b519d2b1e8dd1889f0 Mon Sep 17 00:00:00 2001 From: Kyle Lucy Date: Tue, 16 Jun 2020 11:59:18 -0400 Subject: [PATCH 1/4] add host checking support --- index.js | 6 ++++++ src/server/cli/options.ts | 1 + src/server/cli/parseArgs.ts | 1 + src/server/command/index.ts | 3 ++- src/server/command/ssh.ts | 11 ++++++++--- src/server/interfaces.ts | 1 + 6 files changed, 19 insertions(+), 4 deletions(-) diff --git a/index.js b/index.js index d173a4c..7d878cc 100755 --- a/index.js +++ b/index.js @@ -73,6 +73,12 @@ if (require.main === module) { type: 'boolean', default: process.env.FORCESSH || false }, + knownhosts: { + demand: false, + description: 'path to known hosts file', + type: 'string', + default: process.env.KNOWNHOSTS || '/dev/null', + }, base: { demand: false, alias: 'b', diff --git a/src/server/cli/options.ts b/src/server/cli/options.ts index 01d4f9c..32510c3 100644 --- a/src/server/cli/options.ts +++ b/src/server/cli/options.ts @@ -5,6 +5,7 @@ export interface Options { sshauth: string; sshkey?: string; sshpass?: string; + knownhosts: string; sslkey?: string; sslcert?: string; base: string; diff --git a/src/server/cli/parseArgs.ts b/src/server/cli/parseArgs.ts index 792ee14..c322d9a 100644 --- a/src/server/cli/parseArgs.ts +++ b/src/server/cli/parseArgs.ts @@ -13,6 +13,7 @@ export function unWrapArgs( port: args.sshport, pass: args.sshpass, key: args.sshkey, + knownhosts: args.knownhosts, }, server: { base: args.base, diff --git a/src/server/command/index.ts b/src/server/command/index.ts index 91415d3..cc3e97d 100644 --- a/src/server/command/index.ts +++ b/src/server/command/index.ts @@ -24,7 +24,7 @@ export default ( conn: { remoteAddress }, }, }: Socket, - { user, host, port, auth, pass, key }: SSH, + { user, host, port, auth, pass, key, knownhosts }: SSH, command: string, forcessh: boolean ): { args: string[]; user: boolean } => ({ @@ -37,6 +37,7 @@ export default ( pass: pass || '', command, auth, + knownhosts, }), key ), diff --git a/src/server/command/ssh.ts b/src/server/command/ssh.ts index ece47e2..bc75aab 100644 --- a/src/server/command/ssh.ts +++ b/src/server/command/ssh.ts @@ -3,10 +3,15 @@ import parseCommand from './parse'; import logger from '../utils/logger'; export default function sshOptions( - { pass, path, command, host, port, auth }: { [s: string]: string }, + { pass, path, command, host, port, auth, knownhosts }: { [s: string]: string }, key?: string ): string[] { const cmd = parseCommand(command, path); + if (knownhosts !== '/dev/null') { + var hostChecking = 'yes'; + } else { + var hostChecking = 'no'; + } const sshRemoteOptsBase = [ 'ssh', host, @@ -16,9 +21,9 @@ export default function sshOptions( '-o', `PreferredAuthentications=${auth}`, '-o', - 'UserKnownHostsFile=/dev/null', + `UserKnownHostsFile=${knownhosts}`, '-o', - 'StrictHostKeyChecking=no', + `StrictHostKeyChecking=${hostChecking}`, ]; logger.info(`Authentication Type: ${auth}`); if (!isUndefined(key)) { diff --git a/src/server/interfaces.ts b/src/server/interfaces.ts index 16eb4b1..7de8f55 100644 --- a/src/server/interfaces.ts +++ b/src/server/interfaces.ts @@ -3,6 +3,7 @@ export interface SSH { host: string; auth: string; port: number; + knownhosts: string; pass?: string; key?: string; } From a36bbfba2c5f70b265395323f1e60dcabfbfcb15 Mon Sep 17 00:00:00 2001 From: Kyle Lucy Date: Tue, 16 Jun 2020 14:02:05 -0400 Subject: [PATCH 2/4] declare hostChecking at top of function --- src/server/command/ssh.ts | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/server/command/ssh.ts b/src/server/command/ssh.ts index bc75aab..a453f9a 100644 --- a/src/server/command/ssh.ts +++ b/src/server/command/ssh.ts @@ -6,11 +6,12 @@ export default function sshOptions( { pass, path, command, host, port, auth, knownhosts }: { [s: string]: string }, key?: string ): string[] { + var hostChecking; const cmd = parseCommand(command, path); if (knownhosts !== '/dev/null') { - var hostChecking = 'yes'; + hostChecking = 'yes'; } else { - var hostChecking = 'no'; + hostChecking = 'no'; } const sshRemoteOptsBase = [ 'ssh', From 03b4cea41f0a22ffd463ab324437023bb0420d94 Mon Sep 17 00:00:00 2001 From: Kyle Lucy Date: Tue, 16 Jun 2020 14:08:14 -0400 Subject: [PATCH 3/4] change var to let --- src/server/command/ssh.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/server/command/ssh.ts b/src/server/command/ssh.ts index a453f9a..50f0cb3 100644 --- a/src/server/command/ssh.ts +++ b/src/server/command/ssh.ts @@ -6,7 +6,7 @@ export default function sshOptions( { pass, path, command, host, port, auth, knownhosts }: { [s: string]: string }, key?: string ): string[] { - var hostChecking; + let hostChecking; const cmd = parseCommand(command, path); if (knownhosts !== '/dev/null') { hostChecking = 'yes'; From 079f5ac3b3bfee334011c2b45c50c06b6ac227ac Mon Sep 17 00:00:00 2001 From: Kyle Lucy Date: Tue, 16 Jun 2020 18:41:54 -0400 Subject: [PATCH 4/4] switch to const with ternary --- src/server/command/ssh.ts | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/server/command/ssh.ts b/src/server/command/ssh.ts index 50f0cb3..c7ad0df 100644 --- a/src/server/command/ssh.ts +++ b/src/server/command/ssh.ts @@ -6,13 +6,8 @@ export default function sshOptions( { pass, path, command, host, port, auth, knownhosts }: { [s: string]: string }, key?: string ): string[] { - let hostChecking; const cmd = parseCommand(command, path); - if (knownhosts !== '/dev/null') { - hostChecking = 'yes'; - } else { - hostChecking = 'no'; - } + const hostChecking = (knownhosts !== '/dev/null') ? 'yes' : 'no' const sshRemoteOptsBase = [ 'ssh', host,