SSH server works!

kylecarbs · kylecarbs · commit af5e3c2bcd56 · 2022-02-16T17:34:16.000Z
diff --git a/agent/server.go b/agent/server.go
@@ -2,8 +2,12 @@ package agent
 
 import (
 	"context"
+	"crypto/rand"
+	"crypto/rsa"
 	"errors"
+	"fmt"
 	"io"
+	"net"
 	"sync"
 	"time"
 
@@ -47,15 +51,37 @@ type server struct {
 
 func (s *server) init(ctx context.Context) {
 	forwardHandler := &ssh.ForwardedTCPHandler{}
+	key, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		panic(err)
+	}
+	signer, err := gossh.NewSignerFromKey(key)
+	if err != nil {
+		panic(err)
+	}
 	s.sshServer = &ssh.Server{
+		ChannelHandlers: ssh.DefaultChannelHandlers,
+		ConnectionFailedCallback: func(conn net.Conn, err error) {
+			fmt.Printf("Conn failed: %s\n", err)
+		},
+		Handler: func(s ssh.Session) {
+			fmt.Printf("WE GOT %q %q\n", s.User(), s.RawCommand())
+		},
+		HostSigners: []ssh.Signer{signer},
 		LocalPortForwardingCallback: func(ctx ssh.Context, destinationHost string, destinationPort uint32) bool {
+			// Allow local port forwarding all!
+			return true
+		},
+		PtyCallback: func(ctx ssh.Context, pty ssh.Pty) bool {
 			return false
 		},
 		ReversePortForwardingCallback: func(ctx ssh.Context, bindHost string, bindPort uint32) bool {
-			return false
+			// Allow revere port forwarding all!
+			return true
 		},
-		PtyCallback: func(ctx ssh.Context, pty ssh.Pty) bool {
-			return false
+		RequestHandlers: map[string]ssh.RequestHandler{
+			"tcpip-forward":        forwardHandler.HandleSSHRequest,
+			"cancel-tcpip-forward": forwardHandler.HandleSSHRequest,
 		},
 		ServerConfigCallback: func(ctx ssh.Context) *gossh.ServerConfig {
 			return &gossh.ServerConfig{
@@ -65,13 +91,12 @@ func (s *server) init(ctx context.Context) {
 					// encrypted. If possible, we'd disable encryption entirely here.
 					Ciphers: []string{"arcfour"},
 				},
+				PublicKeyCallback: func(conn gossh.ConnMetadata, key gossh.PublicKey) (*gossh.Permissions, error) {
+					return &gossh.Permissions{}, nil
+				},
 				NoClientAuth: true,
 			}
 		},
-		RequestHandlers: map[string]ssh.RequestHandler{
-			"tcpip-forward":        forwardHandler.HandleSSHRequest,
-			"cancel-tcpip-forward": forwardHandler.HandleSSHRequest,
-		},
 	}
 
 	go s.run(ctx)
diff --git a/agent/server_test.go b/agent/server_test.go
@@ -2,7 +2,6 @@ package agent_test
 
 import (
 	"context"
-	"net"
 	"os"
 	"testing"
 
@@ -14,9 +13,14 @@ import (
 	"github.com/coder/coder/provisionersdk"
 	"github.com/pion/webrtc/v3"
 	"github.com/stretchr/testify/require"
+	"go.uber.org/goleak"
 	"golang.org/x/crypto/ssh"
 )
 
+func TestMain(m *testing.M) {
+	goleak.VerifyTestMain(m)
+}
+
 func TestAgent(t *testing.T) {
 	t.Run("asd", func(t *testing.T) {
 		ctx := context.Background()
@@ -45,9 +49,10 @@ func TestAgent(t *testing.T) {
 		require.NoError(t, err)
 		sshConn, channels, requests, err := ssh.NewClientConn(channel.NetConn(), "localhost:22", &ssh.ClientConfig{
 			User: "kyle",
-			HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
-				return nil
+			Config: ssh.Config{
+				Ciphers: []string{"arcfour"},
 			},
+			HostKeyCallback: ssh.InsecureIgnoreHostKey(),
 		})
 		require.NoError(t, err)
 		sshClient := ssh.NewClient(sshConn, channels, requests)
diff --git a/peer/channel.go b/peer/channel.go
@@ -3,10 +3,8 @@ package peer
 import (
 	"bufio"
 	"context"
-	"fmt"
 	"io"
 	"net"
-	"runtime/debug"
 	"sync"
 	"time"
 
@@ -205,7 +203,6 @@ func (c *Channel) Read(bytes []byte) (int, error) {
 		if c.isClosed() {
 			return 0, c.closeError
 		}
-		debug.PrintStack()
 		// An EOF always occurs when the connection is closed.
 		// Alternative close errors will occur first if an unexpected
 		// close has occurred.
@@ -253,8 +250,6 @@ func (c *Channel) Write(bytes []byte) (n int, err error) {
 	// See: https://github.com/pion/sctp/issues/181
 	time.Sleep(time.Microsecond)
 
-	fmt.Printf("Writing %d\n", len(bytes))
-
 	return c.rwc.Write(bytes)
 }
 
