Parse downstream username
obiwankenobi72 opened this issue · 7 comments
Hi ,
Is it possible to parse the downstream side username with a regex, before routing to destination server ?
I 'd like to add the 'host' part in username before to parse it :
ssh HOST_USER@sshpiper.domain.ltd will be routed to USER@HOST.lan
thanks for this great work
https://github.com/tg123/sshpiper/blob/master/sshpiperd/e2e/sshpiperd.yaml#L65
yaml upstream has regex support
unlike http, hostname, Host: XX , is not a part of ssh protocol. as a result, there is no way to know what the hostname is when client side is handshaking.
reopen if you have any other questions.
Thank you for the quick response.
sorry but maybe I wasn't clear enough
Using the workingdir module, you get the downstream username (DOWNSTREAMUSERNAME ) to set the path to the sshpiper_upstream file, which contains the routing information to the destination server.
As you said, it's not possible to retreive host information with ssh protocol.
But if the DOWNSTREAMUSERNAME field was composed of 2 parts: DESTINATIONHOST+UPSTREAMUSERNAME, would it be possible to apply a regex to it, in order to define the rules to the destination server (via workingdir, yaml or db upstream) ?
This would be useful if we had the same username on different servers (server1-user@sshpiper.domain.ltd would be routed to user@server1 and server2-user@sshpiper.domain.ltd to user@server2) without worrying about the hostname.
Thanks
@tg123 i'm not able to reopen this issue
the best way to do it is to fork the code and create a customized sshpiper
I am working on a grpc based sshpiper upstream module, which allow users to write their own routing code.
Ok so I've leaved k8s and now sshpiperd is sooo cool
sshpiperd pipe add -ngitlab -u10.0.0.102 -p22 --upstream-username=git
close with grpc upstream