ssh/tailssh: do the full auth flow during ssh auth

Fixes #5091

Signed-off-by: Maisem Ali <maisem@tailscale.com>
This commit is contained in:
Maisem Ali
2022-10-06 10:34:58 -07:00
committed by Maisem Ali
parent c8a3d02989
commit f16b77de5d
5 changed files with 238 additions and 332 deletions

View File

@@ -86,11 +86,9 @@ func (ss *sshSession) newIncubatorCommand() *exec.Cmd {
// TODO(maisem): this doesn't work with sftp
return exec.CommandContext(ss.ctx, name, args...)
}
ss.conn.mu.Lock()
lu := ss.conn.localUser
ci := ss.conn.info
gids := strings.Join(ss.conn.userGroupIDs, ",")
ss.conn.mu.Unlock()
remoteUser := ci.uprof.LoginName
if len(ci.node.Tags) > 0 {
remoteUser = strings.Join(ci.node.Tags, ",")