git_clone/handy-sshd
1
0
Fork 0
mirror of https://github.com/nwtgck/handy-sshd.git synced 2025-06-07 22:53:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
Portable SSH Server
43 commits 5 branches 8 tags 233 KiB
Find a file
Ryo Ota 5cc6ad44c6 support Unix domain socket remote forwarding
2023-08-11 10:48:51 +09:00
.github ci: test 2023-08-10 22:34:08 +09:00
cmd support Unix domain socket remote forwarding 2023-08-11 10:48:51 +09:00
main test RootCmd 2023-08-10 22:16:35 +09:00
version bump: 0.2.1 2023-08-10 07:25:09 +09:00
.goreleaser.yml implement basic handy-sshd 2023-08-09 08:01:01 +09:00
CHANGELOG.md bump: 0.2.1 2023-08-10 07:25:09 +09:00
go.mod test: direct-streamlocal 2023-08-11 09:33:24 +09:00
go.sum test: direct-streamlocal 2023-08-11 09:33:24 +09:00
LICENSE implement basic handy-sshd 2023-08-09 08:01:01 +09:00
pty_related_unix.go implement basic handy-sshd 2023-08-09 08:01:01 +09:00
pty_related_unsupported.go implement basic handy-sshd 2023-08-09 08:01:01 +09:00
README.md docs: --allow-direct-streamlocal 2023-08-11 09:44:31 +09:00
server.go support Unix domain socket remote forwarding 2023-08-11 10:48:51 +09:00

README.md

handy-sshd

CI

Portable SSH Server

Install on Ubuntu/Debian

wget https://github.com/nwtgck/handy-sshd/releases/download/v0.2.0/handy-sshd-0.2.0-linux-amd64.deb
sudo dpkg -i handy-sshd-0.2.0-linux-amd64.deb

Install on Mac

brew install nwtgck/handy-sshd/handy-sshd

Get more executables in the releases.

Examples

# Listen on 2222 and accept user name "john" with password "mypassword"
handy-sshd -p 2222 --user "john:mypassword"

# Listen on 2222 and accept user name "john" without password
handy-sshd -p 2222 --user "john:"

# Listen on 2222 and accept users "john" and "alice" without password
handy-sshd -p 2222 --user "john:" --user "alice:"

# Listen on unix domain socket
handy-sshd --unix-socket /tmp/my-unix-socket --user "john:"

Permissions

There are several permissions:

  • --allow-direct-streamlocal
  • --allow-direct-tcpip
  • --allow-execute
  • --allow-sftp
  • --allow-tcpip-forward

All permissions are allowed when nothing is specified. The log shows "allowed: " and "NOT allowed: " permissions as follows:

$ handy-sshd --user "john:"
2023/08/11 09:42:05 INFO listening on :2222...
2023/08/11 09:42:05 INFO allowed: "tcpip-forward", "direct-tcpip", "execute", "sftp", "direct-streamlocal"
2023/08/11 09:42:05 INFO NOT allowed: none

For example, specifying --allow-direct-tcpip and --allow-execute allows only them:

$ handy-sshd --user "john:" --allow-direct-tcpip --allow-execute
2023/08/11 09:38:58 INFO listening on :2222...
2023/08/11 09:38:58 INFO allowed: "direct-tcpip", "execute"
2023/08/11 09:38:58 INFO NOT allowed: "tcpip-forward", "sftp", "direct-streamlocal"

--help

Portable SSH server

Usage:
  handy-sshd [flags]

Flags:
      --allow-direct-streamlocal   client can use Unix domain socket local forwarding
      --allow-direct-tcpip         client can use local forwarding and SOCKS proxy
      --allow-execute              client can use shell/interactive shell
      --allow-sftp                 client can use SFTP and SSHFS
      --allow-tcpip-forward        client can use remote forwarding
  -h, --help                       help for handy-sshd
      --host string                SSH server host (e.g. 127.0.0.1)
  -p, --port uint16                SSH server port (default 2222)
      --shell string               Shell
      --unix-socket string         Unix domain socket
      --user stringArray           SSH user name (e.g. "john:mypassword")
  -v, --version                    show version