Merge branch 'main' into dev
# Conflicts:
#	src/channel/local/channel.rs
#	src/channel/local/mod.rs
#	src/channel/mod.rs
#	src/constant.rs
1148118271 committed Dec 12, 2023
2 parents 498f62e + be05260 commit 0e94e52
Showing 83 changed files with 2,201 additions and 1,559 deletions.
26 changes: 23 additions & 3 deletions .github/workflows/build.yml
Expand Up @@ -83,8 +83,28 @@ jobs:
run: apk add --no-cache --update sudo openssh bash openssh-keygen gcc musl-dev rust cargo
- name: add user
run: addgroup ubuntu && adduser --shell /bin/ash --disabled-password --home /home/ubuntu --ingroup ubuntu ubuntu && echo "ubuntu:password" | chpasswd
- name: config ssh
run: ssh-keygen -A && sed -i -E "s|(AuthorizedKeysFile).*|\1 %h/.ssh/authorized_keys|g" /etc/ssh/sshd_config && echo "HostKeyAlgorithms=+ssh-rsa" >> /etc/ssh/sshd_config && echo "PubkeyAcceptedAlgorithms=+ssh-rsa" >> /etc/ssh/sshd_config && echo "KexAlgorithms=+diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" >> /etc/ssh/sshd_config && sed -i -E "s/#?(ChallengeResponseAuthentication|PasswordAuthentication).*/\1 yes/g" /etc/ssh/sshd_config
- name: config ssh keys
run: ssh-keygen -A
- name: generate dsa keys
run: ssh-keygen -t dsa -b 1024 -N '' -f /etc/ssh/ssh_host_dsa_key
- name: add pubkey authentication
run: sed -i -E "s|(AuthorizedKeysFile).*|\1 %h/.ssh/authorized_keys|g" /etc/ssh/sshd_config
- name: enable password authentication
run: sed -i -E "s/#?(ChallengeResponseAuthentication|PasswordAuthentication).*/\1 yes/g" /etc/ssh/sshd_config
- name: add deprecated pubkeys
run: echo "HostKeyAlgorithms=+ssh-rsa,ssh-dss" >> /etc/ssh/sshd_config && echo "PubkeyAcceptedAlgorithms=+ssh-rsa,ssh-dss" >> /etc/ssh/sshd_config
- name: add deprecated kexes
run: echo "KexAlgorithms=+diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" >> /etc/ssh/sshd_config
- name: add deprecated ciphers
run: echo "Ciphers=+aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc" >> /etc/ssh/sshd_config
- name: add deprecated dsa keys
run: echo "HostKey /etc/ssh/ssh_host_dsa_key" >> /etc/ssh/sshd_config
- name: add rsa keys
run: echo "HostKey /etc/ssh/ssh_host_rsa_key" >> /etc/ssh/sshd_config
- name: add ed25519 keys
run: echo "HostKey /etc/ssh/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
- name: add ecdsa keys
run: echo "HostKey /etc/ssh/ssh_host_ecdsa_key" >> /etc/ssh/sshd_config
- name: create .ssh
run: mkdir -p /home/ubuntu/.ssh && umask 066; touch /home/ubuntu/.ssh/authorized_keys
- name: generate rsa files
Expand All @@ -98,6 +118,6 @@ jobs:
- name: run ssh
run: mkdir /run/sshd && /usr/sbin/sshd -T &&/usr/sbin/sshd -D -p 8888 &
- name: Test
run: cargo test --all-features
run: cargo test --all-features -- --test-threads 1
- name: Doc test
run: cargo test --doc --all-features
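Review bot: The new `generate dsa keys` and `add deprecated dsa keys` steps depend on whatever OpenSSH the unpinned `apk add ... openssh` step installs, and newer OpenSSH releases disable or remove DSA, so this job can start failing with no change to the repository. Because the existing `run ssh` step backgrounds the whole `sshd -T && sshd -D -p 8888` chain, a rejected config would probably not fail that step and would only show up later as connection errors in `Test`; running `/usr/sbin/sshd -T` as its own foreground step would make the cause visible. Pinning the OpenSSH package or the container image (its tag is outside these hunks) would keep the deprecated-algorithm tests reproducible. A comment above the block, such as `# test-only sshd: weak algorithms and a known password are enabled on purpose; do not reuse this config`, would also keep these settings from being copied onto a real host.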
1 change: 1 addition & 0 deletions .gitignore
@@ -1,6 +1,7 @@
.idea
target
.gitignore
.vscode
# Generated by Cargo
# will have compiled files and executables
/target/
72 changes: 48 additions & 24 deletions Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "ssh-rs"
version = "0.3.2"
version = "0.4.5"
edition = "2021"
authors = [
"Gao Xiang Kang <1148118271@qq.com>",
Expand All @@ -14,41 +14,65 @@ repository = "https://github.com/1148118271/ssh-rs"

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[features]
dangerous-algorithms = ["dangerous-rsa-sha1", "dangerous-dh-group1-sha1"]
dangerous-rsa-sha1 = ["sha1"]
dangerous-dh-group1-sha1 = []
deprecated-algorithms = [
"deprecated-rsa-sha1",
"deprecated-dh-group1-sha1",
"deprecated-aes-cbc",
"deprecated-des-cbc",
"deprecated-dss-sha1"
]
deprecated-rsa-sha1 = ["dep:sha1"]
deprecated-dss-sha1 = ["dep:sha1", "dep:dsa"]
deprecated-dh-group1-sha1 = ["dep:sha1"]
deprecated-aes-cbc = ["dep:cbc", "dep:cipher"]
deprecated-des-cbc = ["dep:cbc", "dep:cipher", "dep:des"]
deprecated-zlib = []
scp = ["dep:filetime"]

[lib]
name = "ssh"
path = "src/lib.rs"

[dependencies]
log = "0.4"
## error
thiserror = "^1.0"

## log
tracing = { version = "0.1.36", features = ["log"] }

## string enum
strum = "0.25"
strum_macros = "0.25"

## algorithm
rand = "0.8"
num-bigint = { version = "0.4", features = ["rand"] }
strum = "0.24"
strum_macros = "0.24"
# the crate rsa has removed the internal hash implement from 0.7.0
sha1 = { version = "0.10.5", default-features = false, features = ["oid"], optional = true }
sha2 = { version = "0.10.6", default-features = false, features = ["oid"]}
rsa = "^0.7"
aes = { version = "0.7", features = ["ctr"] }
ssh-key = { version = "0.5.1", features = ["rsa", "ed25519"]}
signature = "1.6.4"
ring = "0.16.20"
filetime = "0.2"
dsa = { version = "0.6.1", optional = true }
rsa = "0.9"
aes = "0.8"
ctr = "0.9"
des = { version = "0.8", optional = true }
cbc = { version = "0.1", optional = true }
cipher = { version = "0.4", optional = true }
ssh-key = { version = "0.6", features = ["rsa", "ed25519", "alloc"]}
signature = "2.1"
ring = "0.17"

## compression
flate2 = "^1.0"

# async
# [target.'cfg(not(target_arch = "wasm32"))'.dependencies]
# tokio = { version = "^1", features = ["full"] }
## utils
filetime = { version = "0.2", optional = true }

[target.'cfg(target_arch = "wasm32")'.dependencies]
getrandom = { version = "0.2", features = ["js"] }
# tokio = { version = "^1", features = [
# "sync",
# "macros",
# "io-util",
# "rt",
# "time"
# ]}
ring = { version = "0.17", features = ["wasm32_unknown_unknown_js"] }


[dev-dependencies]
tracing-subscriber = { version = "^0.3" }
paste = "1"


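Review bot: The compression feature is declared here as `deprecated-zlib = []`, but README.md and README_ZH.md in this same commit describe `zlib` as being behind feature "zlib", so a user who follows the README asks cargo for a feature this manifest does not define. Rename one side so they agree, for example change the README text to `(behind feature "deprecated-zlib")`. Separately, the `dangerous-*` feature names appear to be replaced by `deprecated-*` with no alias left behind, which would break any downstream `features = ["dangerous-algorithms"]`; if that is intended, it deserves a changelog line. A short comment above the `deprecated-algorithms` list, such as `# SHA-1, DSA, CBC-mode and 3DES support for legacy servers only; leave disabled unless a peer requires it`, would keep the security meaning that the old "dangerous" prefix carried.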
70 changes: 37 additions & 33 deletions README.md
Expand Up @@ -46,7 +46,8 @@ or [PR](https://github.com/1148118271/ssh-rs/pulls) .
### 1. Password:

```rust
use ssh_rs::ssh;
use ssh;

let mut session = ssh::create_session()
.username("ubuntu")
.password("password")
Expand All @@ -67,7 +68,8 @@ let mut session = ssh::create_session()
// and end with
// -----END RSA PRIVATE KEY----- / -----END OPENSSH PRIVATE KEY-----
// simply generated by `ssh-keygen -t rsa -m PEM -b 4096`
use ssh_rs::ssh;
use ssh;

let mut session = ssh::create_session()
.username("ubuntu")
.private_key_path("./id_rsa")
Expand All @@ -82,7 +84,8 @@ let mut session = ssh::create_session()
// -----BEGIN RSA PRIVATE KEY----- / -----BEGIN OPENSSH PRIVATE KEY-----
// and end with
// -----END RSA PRIVATE KEY----- / -----END OPENSSH PRIVATE KEY-----
use ssh_rs::ssh;
use ssh;

let mut session = ssh::create_session()
.username("ubuntu")
.private_key("rsa_string")
Expand All @@ -95,7 +98,8 @@ let mut session = ssh::create_session()
* According to the implementation of OpenSSH, it will try public key first and fallback to password. So both of them can be provided.

```Rust
use ssh_rs::ssh;
use ssh;

let mut session = ssh::create_session()
.username("username")
.password("password")
Expand All @@ -106,33 +110,38 @@ let mut session = ssh::create_session()

## Enable global logging:

* There are two APIs to enable logs, basicly `enable_log()` will set the log level to `INFO`, and `debug()` will set it to `Debug`

* But you can implement your own logger as well.
* This crate now uses the `log` compatible `tracing` for logging functionality

```rust
use ssh_rs::ssh;
use tracing::Level;
use tracing_subscriber::FmtSubscriber;

// this will generate some basic event logs
ssh::enable_log();
// this will generate verbose logs
ssh::debug()
// a builder for `FmtSubscriber`.
let subscriber = FmtSubscriber::builder()
// all spans/events with a level higher than INFO (e.g, info, warn, etc.)
// will be written to stdout.
.with_max_level(Level::INFO)
// completes the builder.
.finish();

tracing::subscriber::set_global_default(subscriber).expect("setting default subscriber failed");
```

## Set timeout:

* Only global timeouts per r/w are currently supported.

```rust
use ssh_rs::ssh;
use ssh;

ssh::debug();
let _listener = TcpListener::bind("127.0.0.1:7777").unwrap();

match ssh::create_session()
.username("ubuntu")
.password("password")
.private_key_path("./id_rsa")
.timeout(5 * 1000)
.timeout(Some(std::time::Duration::from_secs(5)))
.connect("127.0.0.1:7777")
{
Err(e) => println!("Got error {}", e),
Expand All @@ -159,44 +168,39 @@ match ssh::create_session()
* `ecdh-sha2-nistp256`
* `diffie-hellman-group14-sha256`
* `diffie-hellman-group14-sha1`
* `diffie-hellman-group1-sha1` (behind feature "dangerous-dh-group1-sha1")
* `diffie-hellman-group1-sha1` (behind feature "deprecated-dh-group1-sha1")

### 2. Server host key algorithms

* `ssh-ed25519`
* `rsa-sha2-256`
* `rsa-sha2-512`
* `rsa-sha` (behind feature "dangerous-rsa-sha1")

### 3. Encryption algorithms (client to server)
* `rsa-sha` (behind feature "deprecated-rsa-sha1")
* `ssh-dss` (behind feature "deprecated-dss-sha1")

* `chacha20-poly1305@openssh.com`
* `aes128-ctr`

### 4. Encryption algorithms (server to client)
### 3. Encryption algorithms

* `chacha20-poly1305@openssh.com`
* `aes128-ctr`
* `aes192-ctr`
* `aes256-ctr`
* `aes128-cbc` (behind feature "deprecated-aes-cbc")
* `aes192-cbc` (behind feature "deprecated-aes-cbc")
* `aes256-cbc` (behind feature "deprecated-aes-cbc")
* `3des-cbc` (behind feature "deprecated-des-cbc")

### 5. Mac algorithms (client to server)
### 4. Mac algorithms

* `hmac-sha2-256`
* `hmac-sha2-512`
* `hmac-sha1`

### 6. Mac algorithms (server to client)

* `hmac-sha2-256`
* `hmac-sha2-512`
* `hmac-sha1`

### 7. Compression algorithms (client to server)

* `none`

### 8. Compression algorithms (server to client)
### 5. Compression algorithms

* `none`
* `zlib@openssh.com`
* `zlib` (behind feature "zlib")

---

65 changes: 38 additions & 27 deletions README_ZH.md
Expand Up @@ -49,25 +49,39 @@ fn main() {
```

### 启用全局日志:

本crate现在使用兼容`log``tracing` crate记录log
使用下面的代码片段启用log
```rust
ssh::debug();
use tracing::Level;
use tracing_subscriber::FmtSubscriber;
// this will generate some basic event logs
// a builder for `FmtSubscriber`.
let subscriber = FmtSubscriber::builder()
// all spans/events with a level higher than INFO (e.g, info, warn, etc.)
// will be written to stdout.
.with_max_level(Level::INFO)
// completes the builder.
.finish();

tracing::subscriber::set_global_default(subscriber).expect("setting default subscriber failed");
```

### 设置超时时间
### 设置全局超时时间

```rust
ssh::create_session().timeout(50);
ssh::create_session().timeout(Some(std::time::Duration::from_secs(5)));
```

### 目前只支持 exec shell scp 三种使用方式:
1. [exec示例](examples/exec/src/main.rs)
2. [shell示例](examples/shell/src/main.rs)
3. [scp示例](examples/scp/src/main.rs)
### 使用样例
* 更多使用样例请参考[examples](examples)目录

1. [执行单个命令](examples/exec/src/main.rs)
2. [通过scp传输文件](examples/scp/src/main.rs)
3. [启动一个pty](examples/shell/src/main.rs)
4. [运行一个交互式的shell](examples/shell_interactive/src/main.rs)
5. [使用非tcp连接](examples/bio/src/main.rs)
6. [自行配置密码组](examples/customized_algorithms/src/main.rs)

### 自定义连接方式:
[bio示例](examples/bio/src/main.rs)

### 算法支持:

Expand All @@ -81,33 +95,30 @@ ssh::create_session().timeout(50);
* `ssh-ed25519`
* `rsa-sha2-512`
* `rsa-sha2-256`
* `rsa-sha` (features = ["dangerous-rsa-sha1"])

#### 3. 加密算法(客户端到服务端)

* `chacha20-poly1305@openssh.com`
* `aes128-ctr`
* `rsa-sha` (features = ["deprecated-rsa-sha1"])
* `ssh-dss` (features = ["deprecated-dss-sha1"])

#### 4. 加密算法(服务端到客户端)
#### 3. 加密算法

* `chacha20-poly1305@openssh.com`
* `aes128-ctr`
* `aes192-ctr`
* `aes256-ctr`
* `aes128-cbc` (features = ["deprecated-aes-cbc"])
* `aes192-cbc` (features = ["deprecated-aes-cbc"])
* `aes256-cbc` (features = ["deprecated-aes-cbc"])
* `3des-cbc` (features = ["deprecated-des-cbc"])

#### 5. MAC算法(客户端到服务端)
#### 4. MAC算法

* `hmac-sha2-256`
* `hmac-sha2-512`
* `hmac-sha1`

#### 6. MAC算法(服务端到客户端)

* `hmac-sha1`

#### 7. 压缩算法(客户端到服务端)

* `none`

#### 8. 压缩算法(服务端到客户端)
#### 5. 压缩算法

* `none`
* `zlib` (behind feature "zlib")

---
