1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-30 01:10:58 +01:00
phorge-phorge/bin
epriestley 888b3839e7 Prepare to route VCS connections through SSH
Summary:
Fixes T2229. This sets the stage for a patch similar to D7417, but for SSH. In particular, SSH 6.2 introduced an `AuthorizedKeysCommand` directive, which lets us do this in a mostly-reasonable way without needing users to patch sshd (if they have a recent enough version, at least).

The way the `AuthorizedKeysCommand` works is that it gets run and produces an `authorized_keys`-style file fragment. This isn't ideal, because we have to dump every key into the result, but should be fine for most installs. The earlier patch against `sshd` passes the public key itself, which allows the script to just look up the key. We might use this eventually, since it can scale much better, so I haven't removed it.

Generally, auth is split into two scripts now which mostly do the same thing:

  - `ssh-auth` is the AuthorizedKeysCommand auth, which takes nothing and dumps the whole keyfile.
  - `ssh-auth-key` is the slightly cleaner and more scalable (but patch-dependent) version, which takes the public key and dumps only matching options.

I also reworked the argument parsing to be a bit more sane.

Test Plan:
This is somewhat-intentionally a bit obtuse since I don't really want anyone using it yet, but basically:

  - Copy `phabricator-ssh-hook.sh` to somewhere like `/usr/libexec/openssh/`, chown it `root` and chmod it `500`.
    - This script should probably also do a username check in the future.
  - Create a copy of `sshd_config` and fix the paths/etc. Point the KeyScript at your copy of the hook.
  - Start a copy of sshd (6.2 or newer) with `-f <your config file>` and maybe `-d -d -d` to foreground and debug.
  - Run `ssh -p 2222 localhost` or similar.

Specifically, I did this setup and then ran a bunch of commands like:

  - `ssh host` (denied, no command)
  - `ssh host ls` (denied, not supported)
  - `echo '{}' | ssh host conduit conduit.ping` (works)

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Maniphest Tasks: T2229, T2230

Differential Revision: https://secure.phabricator.com/D7419
2013-10-29 15:32:40 -07:00
..
accountadmin Improve CLI script for account creation and document account/reg setup process 2011-05-12 18:44:53 -07:00
aphlict Add a bin/aphlict wrapper to handle aphlict config / daemonization 2012-06-18 15:11:19 -07:00
audit Provide a more flexible script for administrative management of audits 2013-08-05 10:35:01 -07:00
auth Add very basic bin/auth tool 2013-06-17 10:55:05 -07:00
cache Provide 'bin/cache', for managing caches 2013-05-20 10:16:35 -07:00
config Add a local configuration source and a non-environmental ENV config source 2012-12-30 06:16:15 -08:00
diviner Port Diviner Core to Phabricator 2013-01-07 14:04:23 -08:00
drydock Modernize the drydock script 2012-11-01 15:30:14 -07:00
fact Add a basic "fact" application 2012-07-27 13:34:21 -07:00
feed Push feed publishing deeper into the task queue 2013-06-25 16:29:47 -07:00
files Add a script to migrate files between storage engines 2012-10-25 11:36:38 -07:00
lipsum First Diff of Test Data Generator 2013-04-12 14:07:16 -07:00
mail Introduce basic bin/mail with a resend workflow 2013-03-30 15:53:49 -07:00
phd Launch daemons with a full Phabricator environment in the overseers 2013-07-23 12:09:45 -07:00
policy Add a very simple bin/policy script for CLI policy administration 2013-09-29 09:06:41 -07:00
repository Introduce "bin/repository" for repository management 2012-06-25 12:35:37 -07:00
search Improve Search architecture 2012-12-21 14:21:31 -08:00
ssh-auth Implement SSHD glue and Conduit SSH endpoint 2012-12-19 11:08:07 -08:00
ssh-auth-key Prepare to route VCS connections through SSH 2013-10-29 15:32:40 -07:00
ssh-exec Implement SSHD glue and Conduit SSH endpoint 2012-12-19 11:08:07 -08:00
storage Make SQL patch management DAG-based and provide namespace support 2012-04-30 07:54:00 -07:00