artifactory_ssh_proxy icon indicating copy to clipboard operation
artifactory_ssh_proxy copied to clipboard

Published 20 hours ago verified publisher icon YahooArchive

support to read multiple hostkeys in a file

Open yuta1024 opened this issue 6 years ago • 0 comments

This PR supports to read multiple hostkeys in a file.

As a background, it is a same as https://github.com/yahoo/artifactory_ssh_proxy/pull/65. A approach of this PR reads multiple keys in one file. I would like to use this changes instead of https://github.com/yahoo/artifactory_ssh_proxy/pull/65.

A example of settings and hostkeys are below.

./developer_config/conf/sshd_proxy/sshd_proxy.properties

sshd.root=developer_config
sshd.port=2222
sshd.artifactoryUrl=http://localhost:4080/artifactory
# use the default.
sshd.artifactoryUsername=admin
sshd.artifactoryPassword=password

# run artifactory in the same jvm
sshd.jetty.port=4080
sshd.jetty.webapp.dir=developer_config/webapps

sshd.hostKeyPath=./developer_config/conf/sshd_proxy/ssh_host_key

./developer_config/conf/sshd_proxy/ssh_host_key

-----BEGIN DSA PRIVATE KEY-----
MIIBugIBAAKBgQCn6jiKpG0Ad1lWHKHja3lEuFdkE6AeaI2aI1ZqHPZ7GZihLFha
(snip)
InePBpfIrrLi5A4dBdk=
-----END DSA PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
MIIEoQIBAAKCAQEAzy7ZPTOLMIyDD2YNVF/1SljRQwG3Yak3itiBEJaKnv5R5fnB
(snip)
zfxuPJBtHnnYU5/BSzMi8CCgbk63eHPf/WARe8DrV525UeQ+Yw==
-----END RSA PRIVATE KEY-----

The following outputs are results that verify support multiple hostkeys using above settings and hostkeys.

$ ssh -o HostKeyAlgorithms="ssh-dss" -p 2222 localhost
The authenticity of host '[localhost]:2222 ([127.0.0.1]:2222)' can't be established.
DSA key fingerprint is cd:0b:d6:61:48:bf:bd:90:fa:1c:5c:54:8a:07:b2:49.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:2222' (DSA) to the list of known hosts.
*---------------------------------------------------*
|               _  _ _  _|    _-|-. _  _            |
|    this is a |_)| (_)(_||_|(_ | |(_)| | server    |
|              |                                    |
*---------------------------------------------------*
Connection to localhost closed.

$ ssh -o HostKeyAlgorithms="ssh-rsa" -p 2222 localhost
The authenticity of host '[localhost]:2222 ([127.0.0.1]:2222)' can't be established.
RSA key fingerprint is 24:08:6f:00:7f:38:6d:27:0d:fd:42:5e:e9:be:fb:15.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:2222' (RSA) to the list of known hosts.
*---------------------------------------------------*
|               _  _ _  _|    _-|-. _  _            |
|    this is a |_)| (_)(_||_|(_ | |(_)| | server    |
|              |                                    |
*---------------------------------------------------*
Connection to localhost closed.

yuta1024 avatar Mar 09 '18 05:03 yuta1024