Browse Source

Force ssh connection (#226)

* Setting lower websocket ping interval values

* Updated package version

* Ask ssh user from the standard input and force ssh connection

* Removed --sshaskuser option as it's not necessary

* Bumping the version to 1.3.0
pull/227/head
Janos Kasza 5 years ago
committed by Cian Butler
parent
commit
a97c4ee91f
  1. 11
      README.md
  2. 1
      docs/API.md
  3. 6
      index.js
  4. 2
      package.json
  5. 4
      src/server/cli/index.ts
  6. 1
      src/server/cli/options.ts
  7. 3
      src/server/cli/parseArgs.ts
  8. 7
      src/server/command/index.ts
  9. 5
      src/server/command/ssh.ts
  10. 3
      src/server/wetty/index.ts

11
README.md

@ -1,7 +1,11 @@
# WeTTY = Web + TTY. # WeTTY = Web + TTY.
<!-- ALL-CONTRIBUTORS-BADGE:START - Do not remove or modify this section --> <!-- ALL-CONTRIBUTORS-BADGE:START - Do not remove or modify this section -->
![All Contributors](https://img.shields.io/badge/all_contributors-33-orange.svg?style=flat-square) <!-- ALL-CONTRIBUTORS-BADGE:END -->
![All Contributors](https://img.shields.io/badge/all_contributors-33-orange.svg?style=flat-square)
<!-- ALL-CONTRIBUTORS-BADGE:END -->
![Version](https://img.shields.io/badge/version-1.1.7-blue.svg?cacheSeconds=2592000) ![Version](https://img.shields.io/badge/version-1.1.7-blue.svg?cacheSeconds=2592000)
![Node Version](https://img.shields.io/badge/node-%3E%3D6.9-blue.svg) ![Node Version](https://img.shields.io/badge/node-%3E%3D6.9-blue.svg)
[![Documentation](https://img.shields.io/badge/documentation-yes-brightgreen.svg)](https://github.com/butlerx/wetty/tree/master/docs) [![Documentation](https://img.shields.io/badge/documentation-yes-brightgreen.svg)](https://github.com/butlerx/wetty/tree/master/docs)
@ -31,7 +35,7 @@ yarn global add wetty
## Usage ## Usage
```sh ```sh
wetty [-h] [--port PORT] [--base BASE] [--sshhost SSH_HOST] [--sshport SSH_PORT] [--sshuser SSH_USER] [--host HOST] [--command COMMAND] [--bypasshelmet] [--title TITLE] [--sslkey SSL_KEY_PATH] [--sslcert SSL_CERT_PATH] wetty [-h] [--port PORT] [--base BASE] [--sshhost SSH_HOST] [--sshport SSH_PORT] [--sshuser SSH_USER] [--host HOST] [--command COMMAND] [--forcessh] [--bypasshelmet] [--title TITLE] [--sslkey SSL_KEY_PATH] [--sslcert SSL_CERT_PATH]
``` ```
Open your browser on `http://yourserver:3000/wetty` and you will prompted to Open your browser on `http://yourserver:3000/wetty` and you will prompted to
@ -39,7 +43,8 @@ login. Or go to `http://yourserver:3000/wetty/ssh/<username>` to specify the
user before hand. user before hand.
If you run it as root it will launch `/bin/login` (where you can specify the If you run it as root it will launch `/bin/login` (where you can specify the
user name), else it will launch `ssh` and connect by default to `localhost`. user name), else it will launch `ssh` and connect by default to `localhost`. The
SSH connection can be forced using the `--forcessh` option.
If instead you wish to connect to a remote host you can specify the `--sshhost` If instead you wish to connect to a remote host you can specify the `--sshhost`
option, the SSH port using the `--sshport` option and the SSH user using the option, the SSH port using the `--sshport` option and the SSH user using the

1
docs/API.md

@ -33,6 +33,7 @@ Starts WeTTy Server
| [serverConf.title] | `string` | `'WeTTy'` | Title of the server | | [serverConf.title] | `string` | `'WeTTy'` | Title of the server |
| [serverConf.bypasshelmet] | `boolean` | `false` | if helmet should be disabled on the sever | | [serverConf.bypasshelmet] | `boolean` | `false` | if helmet should be disabled on the sever |
| [command] | `string` | `"''"` | The command to execute. If running as root and no host specified this will be login if a host is specified will be ssh | | [command] | `string` | `"''"` | The command to execute. If running as root and no host specified this will be login if a host is specified will be ssh |
| [forcessh] | `boolean` | `false` | Connecting through ssh even if running as root |
| [ssl] | `Object` | | SSL settings | | [ssl] | `Object` | | SSL settings |
| [ssl.key] | `string` | | Path to ssl key | | [ssl.key] | `string` | | Path to ssl key |
| [ssl.cert] | `string` | | Path to ssl cert | | [ssl.cert] | `string` | | Path to ssl cert |

6
index.js

@ -67,6 +67,12 @@ if (require.main === module) {
type: 'string', type: 'string',
default: process.env.SSHKEY || undefined, default: process.env.SSHKEY || undefined,
}, },
forcessh: {
demand: false,
description: 'Connecting through ssh even if running as root',
type: 'boolean',
default: process.env.FORCESSH || false
},
base: { base: {
demand: false, demand: false,
alias: 'b', alias: 'b',

2
package.json

@ -1,6 +1,6 @@
{ {
"name": "wetty", "name": "wetty",
"version": "1.2.4", "version": "1.3.0",
"description": "WeTTY = Web + TTY. Terminal access in browser over http/https", "description": "WeTTY = Web + TTY. Terminal access in browser over http/https",
"homepage": "https://github.com/butlerx/wetty", "homepage": "https://github.com/butlerx/wetty",
"repository": { "repository": {

4
src/server/cli/index.ts

@ -6,8 +6,8 @@ import { unWrapArgs } from './parseArgs';
export default function init(opts: CLI): void { export default function init(opts: CLI): void {
if (!opts.help) { if (!opts.help) {
const { ssh, server, command, ssl } = unWrapArgs(opts); const { ssh, server, command, forcessh, ssl } = unWrapArgs(opts);
WeTTy(ssh, server, command, ssl).catch(err => { WeTTy(ssh, server, command, forcessh, ssl).catch(err => {
logger.error(err); logger.error(err);
process.exitCode = 1; process.exitCode = 1;
}); });

1
src/server/cli/options.ts

@ -12,6 +12,7 @@ export interface Options {
port: number; port: number;
title: string; title: string;
command?: string; command?: string;
forcessh?: boolean;
bypasshelmet?: boolean; bypasshelmet?: boolean;
} }

3
src/server/cli/parseArgs.ts

@ -4,7 +4,7 @@ import { Options } from './options';
export function unWrapArgs( export function unWrapArgs(
args: Options args: Options
): { ssh: SSH; server: Server; command?: string; ssl?: SSL } { ): { ssh: SSH; server: Server; command?: string; forcessh?: boolean; ssl?: SSL } {
return { return {
ssh: { ssh: {
user: args.sshuser, user: args.sshuser,
@ -22,6 +22,7 @@ export function unWrapArgs(
bypasshelmet: args.bypasshelmet || false, bypasshelmet: args.bypasshelmet || false,
}, },
command: args.command, command: args.command,
forcessh: args.forcessh,
ssl: ssl:
isUndefined(args.sslkey) || isUndefined(args.sslcert) isUndefined(args.sslkey) || isUndefined(args.sslcert)
? undefined ? undefined

7
src/server/command/index.ts

@ -25,9 +25,10 @@ export default (
}, },
}: Socket, }: Socket,
{ user, host, port, auth, pass, key }: SSH, { user, host, port, auth, pass, key }: SSH,
command: string command: string,
forcessh: boolean
): { args: string[]; user: boolean } => ({ ): { args: string[]; user: boolean } => ({
args: localhost(host) args: !forcessh && localhost(host)
? loginOptions(command, remoteAddress) ? loginOptions(command, remoteAddress)
: sshOptions( : sshOptions(
urlArgs(referer, { urlArgs(referer, {
@ -40,7 +41,7 @@ export default (
key key
), ),
user: user:
localhost(host) || (!forcessh && localhost(host)) ||
user !== '' || user !== '' ||
user.includes('@') || user.includes('@') ||
address(referer, user, host).includes('@'), address(referer, user, host).includes('@'),

5
src/server/command/ssh.ts

@ -15,6 +15,10 @@ export default function sshOptions(
port, port,
'-o', '-o',
`PreferredAuthentications=${auth}`, `PreferredAuthentications=${auth}`,
'-o',
'UserKnownHostsFile=/dev/null',
'-o',
'StrictHostKeyChecking=no',
]; ];
logger.info(`Authentication Type: ${auth}`); logger.info(`Authentication Type: ${auth}`);
if (!isUndefined(key)) { if (!isUndefined(key)) {
@ -26,6 +30,7 @@ export default function sshOptions(
if (auth === 'none') { if (auth === 'none') {
sshRemoteOptsBase.splice(sshRemoteOptsBase.indexOf('-o'), 2); sshRemoteOptsBase.splice(sshRemoteOptsBase.indexOf('-o'), 2);
} }
if (cmd === '') { if (cmd === '') {
return sshRemoteOptsBase; return sshRemoteOptsBase;
} }

3
src/server/wetty/index.ts

@ -22,6 +22,7 @@ export default function startWeTTy(
bypasshelmet: false, bypasshelmet: false,
}, },
command = '', command = '',
forcessh = false,
ssl?: SSL ssl?: SSL
): Promise<void> { ): Promise<void> {
return loadSSL(ssl).then((sslBuffer: SSLBuffer) => { return loadSSL(ssl).then((sslBuffer: SSLBuffer) => {
@ -44,7 +45,7 @@ export default function startWeTTy(
* @name connection * @name connection
*/ */
logger.info('Connection accepted.'); logger.info('Connection accepted.');
const { args, user: sshUser } = getCommand(socket, ssh, command); const { args, user: sshUser } = getCommand(socket, ssh, command, forcessh);
logger.debug('Command Generated', { logger.debug('Command Generated', {
user: sshUser, user: sshUser,
cmd: args.join(' '), cmd: args.join(' '),

Loading…
Cancel
Save