ssh/tailssh: allow setting some Tailscale SSH config from env vars

DO NOT SUBMIT; Draft. Just an example.

Change-Id: I46f74e2a1dfeabae70416200cb996857d4dc6144
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Brad Fitzpatrick 2024-10-17 08:46:41 -07:00
parent 22c89fcb19
commit 5291af01bc


@ -423,10 +423,19 @@ func (c *conn) doPolicyAuth(ctx ssh.Context, pubKey ssh.PublicKey) error {
// ServerConfig implements ssh.ServerConfigCallback.
func (c *conn) ServerConfig(ctx ssh.Context) *gossh.ServerConfig {
return &gossh.ServerConfig{
sc := &gossh.ServerConfig{
NoClientAuth: true, // required for the NoClientAuthCallback to run
NextAuthMethodCallback: c.nextAuthMethodCallback,
}
ssFromEnv := func(dst *[]string, envKey string) {
if v := os.Getenv(envKey); v != "" {
*dst = strings.Split(v, ",")
}
}
ssFromEnv(&sc.KeyExchanges, "TS_SSH_KEY_EXCHANGE_ALGS")
ssFromEnv(&sc.Ciphers, "TS_SSH_CIPHERS")
ssFromEnv(&sc.MACs, "TS_SSH_MACS")
return sc
}
func (srv *server) newConn() (*conn, error) {
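Review bot: The three env-var overrides in ServerConfig are applied with no validation: `strings.Split(v, ",")` keeps surrounding whitespace and empty entries, and nothing checks the names against what the SSH library supports or treats as safe. These lists drive key-exchange, cipher and MAC negotiation, so a typo may leave the server without a usable algorithm and a legacy name may quietly weaken every session; how unknown names are handled depends on the gossh version, which is not visible here. I would normalise the entries, e.g. `for _, s := range strings.Split(v, ",") { if s = strings.TrimSpace(s); s != "" { *dst = append(*dst, s) } }`, and log when an override is in effect so the change shows up in diagnostics. The doc comment on ServerConfig should also name `TS_SSH_KEY_EXCHANGE_ALGS`, `TS_SSH_CIPHERS` and `TS_SSH_MACS` and state that each is a comma-separated list that replaces the library defaults.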