pupirka

1
package main
2

3
import (
4
	"bytes"
5
	"errors"
6
	"fmt"
7
	"golang.org/x/crypto/ssh"
8
	"io/ioutil"
9
	"time"
10
)
11

12
var sshkkeysAlgo = []string{
13
	"diffie-hellman-group1-sha1",
14
	"diffie-hellman-group14-sha1",
15
	"ecdh-sha2-nistp256",
16
	"ecdh-sha2-nistp384",
17
	"ecdh-sha2-nistp521",
18
	"diffie-hellman-group-exchange-sha1",
19
	"diffie-hellman-group-exchange-sha256",
20
	"curve25519-sha256@libssh.org",
21
}
22
var sshChippers = []string{
23
	"aes128-gcm@openssh.com",
24
	"cast128-cbc",
25
	"aes128-ctr", "aes192-ctr", "aes256-ctr",
26
	"3des-cbc", "blowfish-cbc", "twofish-cbc", "twofish256-cbc", "twofish192-cbc", "twofish128-cbc", "aes256-cbc", "aes192-cbc", "aes128-cbc", "arcfour",
27
}
28

29
//connect and run command, return []byte
30
func SshClientRun(device *Device) ([]byte, error) {
31

32
	auth, err := SshClientDeviceAuth(device)
33
	if err != nil {
34
		return []byte{}, err
35
	}
36
	device.LogDebug(fmt.Sprintf("SshClientRun: Get auth (%t)", auth))
37

38
	config := &ssh.ClientConfig{
39
		Config: ssh.Config{
40
			KeyExchanges: sshkkeysAlgo,
41
			Ciphers:      sshChippers,
42
		},
43
		User:            device.Username,
44
		Auth:            auth,
45
		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
46
		Timeout:         time.Duration(device.Timeout) * time.Second,
47
	}
48
	address := SshAddressFormat(device)
49
	client, err := ssh.Dial("tcp", address, config)
50
	if err != nil {
51
		return nil, errors.New("SshClientRun: DialSSH error:" + err.Error())
52
	}
53
	defer client.Close()
54
	device.LogDebug(fmt.Sprintf("SshClientRun: ssh Dial running %s", device.Name))
55
	session, err := client.NewSession()
56
	if err != nil {
57
		return nil, errors.New("SshClientRun: NewSession error:" + err.Error())
58
	}
59
	defer session.Close()
60
	device.LogDebug(fmt.Sprintf("SshClientRun: ssh session running %s", device.Name))
61
	var b bytes.Buffer
62
	session.Stdout = &b
63

64
	if err := session.Run(device.Command); err != nil {
65
		return nil, errors.New("SshClientRun: Run command error:" + err.Error())
66
	}
67
	device.LogDebug(fmt.Sprintf("SshClientRun: Read bytes good %s", device.Name))
68
	return b.Bytes(), nil
69
}
70

71
//prepare auth method for client
72
func SshClientDeviceAuth(device *Device) ([]ssh.AuthMethod, error) {
73
	var auth []ssh.AuthMethod
74
	if device.Authkey == false {
75
		if device.Password == "" {
76
			return nil, errors.New("SshClientDeviceAuth: Password empty")
77
		}
78
		auth = append(auth, ssh.Password(device.Password))
79
		return auth, nil
80
	}
81

82
	flp := fmt.Sprintf("%s/%s", ConfigV.GetString("path.key"), device.Key)
83
	key, err := ioutil.ReadFile(flp)
84
	if err != nil {
85
		return nil, errors.New("SshClientDeviceAuth: read key file:" + err.Error())
86
	}
87
	signer, err := ssh.ParsePrivateKey(key)
88
	if err != nil {
89
		return nil, errors.New("SshClientDeviceAuth: parse private file:" + err.Error())
90
	}
91
	auth = append(auth, ssh.PublicKeys(signer))
92
	return auth, nil
93
}
94

95
func SshAddressFormat(device *Device) string {
96
	str := fmt.Sprintf("%s:%d", device.Address, device.PortSSH)
97
	device.LogDebug(fmt.Sprintf("SshAddressFormat: addres (%s)", str))
98
	return str
99
}
100