ssh2-config

Changelog · Get started · Documentation

Developed by @veeso

Current version: 0.1.0 (04/12/2021)

• ssh2-config
  • About ssh2-config
    • Exposed attributes
    • Missing features
  • Get started 🚀
    • Examples
  • Support the developer ☕
  • Contributing and issues 🤝🏻
  • Changelog ⏳
  • License 📃

About ssh2-config

ssh2-config a library which provides a parser for the SSH configuration file, to be used in pair with the ssh2 crate.

This library provides a method to parse the configuration file and returns the configuration parsed into a structure. The SshConfig structure provides all the attributes which can be used to configure the ssh2 Session and to resolve the host, port and username.

Once the configuration has been parsed you can use the query(&str) method to query configuration for a certain host, based on the configured patterns.

Even if many attributes are not exposed, since not supported, there is anyway a validation of the configuration, so invalid configuration will result in a parsing error.

Exposed attributes

• BindAddress: you can use this attribute to bind the socket to a certain address
• BindInterface: you can use this attribute to bind the socket to a certain network interface
• CASignatureAlgorithms: you can use this attribute to handle CA certificates
• CertificateFile: you can use this attribute to parse the certificate file in case is necessary
• Ciphers: you can use this attribute to set preferred methods with the session method session.method_pref(MethodType::CryptCs, ...) and session.method_pref(MethodType::CryptSc, ...)
• Compression: you can use this attribute to set whether compression is enabled with session.set_compress(value)
• ConnectionAttempts: you can use this attribute to cycle over connect in order to retry
• ConnectTimeout: you can use this attribute to set the connection timeout for the socket
• HostName: you can use this attribute to get the real name of the host to connect to
• KexAlgorithms: you can use this attribute to configure Key exchange methods with session.method_pref(MethodType::Kex, algos.join(",").as_str())
• MACs: you can use this attribute to configure the MAC algos with session.method_pref(MethodType::MacCs, algos.join(",").as_str()) and session.method_pref(MethodType::MacSc, algos.join(",").as_str())
• Port: you can use this attribute to resolve the port to connect to
• PubkeyAuthentication: you can use this attribute to set whether to use the pubkey authentication
• RemoteForward: you can use this method to implement port forwarding with session.channel_forward_listen()
• ServerAliveInterval: you can use this method to implement keep alive message interval
• TcpKeepAlive: you can use this method to tell whether to send keep alive message
• User: you can use this method to resolve the user to use to log in as

Missing features

• Match patterns (Host patterns are supported!!!)
• Tokens

Get started 🚀

First of all, add ssh2-config to your dependencies

[dependencies]
ssh2-config = "^0.1.0"

then parse the configuration

use ssh2_config::{SshConfig};
use std::fs::File;
use std::io::BufReader;

let mut reader = BufReader::new(File::open(config_path).expect("Could not open configuration file"));
let config = SshConfig::default().parse(&mut reader).expect("Failed to parse configuration");

// Query attributes for a certain host
let params = config.query("192.168.1.2");

then you can use the parsed parameters to configure the session:

use ssh2::Session;
use ssh2_config::{HostParams};

fn configure_session(session: &mut Session, params: &HostParams) {
    if let Some(compress) = params.compression {
        session.set_compress(compress);
    }
    if params.tcp_keep_alive.unwrap_or(false) && params.server_alive_interval.is_some() {
        let interval = params.server_alive_interval.unwrap().as_secs() as u32;
        session.set_keepalive(true, interval);
    }
    // algos
    if let Some(algos) = params.kex_algorithms.as_deref() {
        if let Err(err) = session.method_pref(MethodType::Kex, algos.join(",").as_str()) {
            panic!("Could not set KEX algorithms: {}", err);
        }
    }
    if let Some(algos) = params.host_key_algorithms.as_deref() {
        if let Err(err) = session.method_pref(MethodType::HostKey, algos.join(",").as_str()) {
            panic!("Could not set host key algorithms: {}", err);
        }
    }
    if let Some(algos) = params.ciphers.as_deref() {
        if let Err(err) = session.method_pref(MethodType::CryptCs, algos.join(",").as_str()) {
            panic!("Could not set crypt algorithms (client-server): {}", err);
        }
        if let Err(err) = session.method_pref(MethodType::CryptSc, algos.join(",").as_str()) {
            panic!("Could not set crypt algorithms (server-client): {}", err);
        }
    }
    if let Some(algos) = params.mac.as_deref() {
        if let Err(err) = session.method_pref(MethodType::MacCs, algos.join(",").as_str()) {
            panic!("Could not set MAC algorithms (client-server): {}", err);
        }
        if let Err(err) = session.method_pref(MethodType::MacSc, algos.join(",").as_str()) {
            panic!("Could not set MAC algorithms (server-client): {}", err);
        }
    }
}

Examples

You can view a working examples of an implementation of ssh2-config with ssh2 in the examples folder at client.rs.

You can run the example with

cargo run --example client -- <remote-host> [config-file-path]

Support the developer ☕

If you like ssh2-config and you're grateful for the work I've done, please consider a little donation 🥳

You can make a donation with one of these platforms:

Contributing and issues 🤝🏻

Contributions, bug reports, new features and questions are welcome! 😉 If you have any question or concern, or you want to suggest a new feature, or you want just want to improve ssh2-config, feel free to open an issue or a PR.

Please follow our contributing guidelines

Changelog ⏳

View ssh2-config's changelog HERE

License 📃

ssh2-config is licensed under the MIT license.

You can read the entire license HERE