mirror of
				https://github.com/tailscale/tailscale.git
				synced 2025-10-26 10:39:19 +00:00 
			
		
		
		
	 fad6bae764
			
		
	
	fad6bae764
	
	
	
		
			
			When reporting ssh host keys to control, log a warning if we're unable to get the SSH host keys. Updates tailscale/escalations#21 Signed-off-by: Percy Wegmann <percy@tailscale.com>
		
			
				
	
	
		
			233 lines
		
	
	
		
			5.9 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			233 lines
		
	
	
		
			5.9 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| // Copyright (c) Tailscale Inc & AUTHORS
 | |
| // SPDX-License-Identifier: BSD-3-Clause
 | |
| 
 | |
| //go:build linux || (darwin && !ios) || freebsd || openbsd
 | |
| 
 | |
| package ipnlocal
 | |
| 
 | |
| import (
 | |
| 	"bytes"
 | |
| 	"crypto/ecdsa"
 | |
| 	"crypto/ed25519"
 | |
| 	"crypto/elliptic"
 | |
| 	"crypto/rand"
 | |
| 	"crypto/rsa"
 | |
| 	"crypto/x509"
 | |
| 	"encoding/pem"
 | |
| 	"errors"
 | |
| 	"fmt"
 | |
| 	"os"
 | |
| 	"os/exec"
 | |
| 	"path/filepath"
 | |
| 	"runtime"
 | |
| 	"slices"
 | |
| 	"strings"
 | |
| 	"sync"
 | |
| 
 | |
| 	"github.com/tailscale/golang-x-crypto/ssh"
 | |
| 	"go4.org/mem"
 | |
| 	"tailscale.com/tailcfg"
 | |
| 	"tailscale.com/util/lineread"
 | |
| 	"tailscale.com/util/mak"
 | |
| )
 | |
| 
 | |
| // keyTypes are the SSH key types that we either try to read from the
 | |
| // system's OpenSSH keys or try to generate for ourselves when not
 | |
| // running as root.
 | |
| var keyTypes = []string{"rsa", "ecdsa", "ed25519"}
 | |
| 
 | |
| // getSSHUsernames discovers and returns the list of usernames that are
 | |
| // potential Tailscale SSH user targets.
 | |
| //
 | |
| // Invariant: must not be called with b.mu held.
 | |
| func (b *LocalBackend) getSSHUsernames(req *tailcfg.C2NSSHUsernamesRequest) (*tailcfg.C2NSSHUsernamesResponse, error) {
 | |
| 	res := new(tailcfg.C2NSSHUsernamesResponse)
 | |
| 	if !b.tailscaleSSHEnabled() {
 | |
| 		return res, nil
 | |
| 	}
 | |
| 
 | |
| 	max := 10
 | |
| 	if req != nil && req.Max != 0 {
 | |
| 		max = req.Max
 | |
| 	}
 | |
| 
 | |
| 	add := func(u string) {
 | |
| 		if req != nil && req.Exclude[u] {
 | |
| 			return
 | |
| 		}
 | |
| 		switch u {
 | |
| 		case "nobody", "daemon", "sync":
 | |
| 			return
 | |
| 		}
 | |
| 		if slices.Contains(res.Usernames, u) {
 | |
| 			return
 | |
| 		}
 | |
| 		if len(res.Usernames) > max {
 | |
| 			// Enough for a hint.
 | |
| 			return
 | |
| 		}
 | |
| 		res.Usernames = append(res.Usernames, u)
 | |
| 	}
 | |
| 
 | |
| 	if opUser := b.operatorUserName(); opUser != "" {
 | |
| 		add(opUser)
 | |
| 	}
 | |
| 
 | |
| 	// Check popular usernames and see if they exist with a real shell.
 | |
| 	switch runtime.GOOS {
 | |
| 	case "darwin":
 | |
| 		out, err := exec.Command("dscl", ".", "list", "/Users").Output()
 | |
| 		if err != nil {
 | |
| 			return nil, err
 | |
| 		}
 | |
| 		lineread.Reader(bytes.NewReader(out), func(line []byte) error {
 | |
| 			line = bytes.TrimSpace(line)
 | |
| 			if len(line) == 0 || line[0] == '_' {
 | |
| 				return nil
 | |
| 			}
 | |
| 			add(string(line))
 | |
| 			return nil
 | |
| 		})
 | |
| 	default:
 | |
| 		lineread.File("/etc/passwd", func(line []byte) error {
 | |
| 			line = bytes.TrimSpace(line)
 | |
| 			if len(line) == 0 || line[0] == '#' || line[0] == '_' {
 | |
| 				return nil
 | |
| 			}
 | |
| 			if mem.HasSuffix(mem.B(line), mem.S("/nologin")) ||
 | |
| 				mem.HasSuffix(mem.B(line), mem.S("/false")) {
 | |
| 				return nil
 | |
| 			}
 | |
| 			colon := bytes.IndexByte(line, ':')
 | |
| 			if colon != -1 {
 | |
| 				add(string(line[:colon]))
 | |
| 			}
 | |
| 			return nil
 | |
| 		})
 | |
| 	}
 | |
| 	return res, nil
 | |
| }
 | |
| 
 | |
| func (b *LocalBackend) GetSSH_HostKeys() (keys []ssh.Signer, err error) {
 | |
| 	var existing map[string]ssh.Signer
 | |
| 	if os.Geteuid() == 0 {
 | |
| 		existing = b.getSystemSSH_HostKeys()
 | |
| 	}
 | |
| 	return b.getTailscaleSSH_HostKeys(existing)
 | |
| }
 | |
| 
 | |
| // getTailscaleSSH_HostKeys returns the three (rsa, ecdsa, ed25519) SSH host
 | |
| // keys, reusing the provided ones in existing if present in the map.
 | |
| func (b *LocalBackend) getTailscaleSSH_HostKeys(existing map[string]ssh.Signer) (keys []ssh.Signer, err error) {
 | |
| 	var keyDir string // lazily initialized $TAILSCALE_VAR/ssh dir.
 | |
| 	for _, typ := range keyTypes {
 | |
| 		if s, ok := existing[typ]; ok {
 | |
| 			keys = append(keys, s)
 | |
| 			continue
 | |
| 		}
 | |
| 		if keyDir == "" {
 | |
| 			root := b.TailscaleVarRoot()
 | |
| 			if root == "" {
 | |
| 				return nil, errors.New("no var root for ssh keys")
 | |
| 			}
 | |
| 			keyDir = filepath.Join(root, "ssh")
 | |
| 			if err := os.MkdirAll(keyDir, 0700); err != nil {
 | |
| 				return nil, err
 | |
| 			}
 | |
| 		}
 | |
| 		hostKey, err := b.hostKeyFileOrCreate(keyDir, typ)
 | |
| 		if err != nil {
 | |
| 			return nil, fmt.Errorf("error creating SSH host key type %q in %q: %w", typ, keyDir, err)
 | |
| 		}
 | |
| 		signer, err := ssh.ParsePrivateKey(hostKey)
 | |
| 		if err != nil {
 | |
| 			return nil, fmt.Errorf("error parsing SSH host key type %q from %q: %w", typ, keyDir, err)
 | |
| 		}
 | |
| 		keys = append(keys, signer)
 | |
| 	}
 | |
| 	return keys, nil
 | |
| }
 | |
| 
 | |
| var keyGenMu sync.Mutex
 | |
| 
 | |
| func (b *LocalBackend) hostKeyFileOrCreate(keyDir, typ string) ([]byte, error) {
 | |
| 	keyGenMu.Lock()
 | |
| 	defer keyGenMu.Unlock()
 | |
| 
 | |
| 	path := filepath.Join(keyDir, "ssh_host_"+typ+"_key")
 | |
| 	v, err := os.ReadFile(path)
 | |
| 	if err == nil {
 | |
| 		return v, nil
 | |
| 	}
 | |
| 	if !os.IsNotExist(err) {
 | |
| 		return nil, err
 | |
| 	}
 | |
| 	var priv any
 | |
| 	switch typ {
 | |
| 	default:
 | |
| 		return nil, fmt.Errorf("unsupported key type %q", typ)
 | |
| 	case "ed25519":
 | |
| 		_, priv, err = ed25519.GenerateKey(rand.Reader)
 | |
| 	case "ecdsa":
 | |
| 		// curve is arbitrary. We pick whatever will at
 | |
| 		// least pacify clients as the actual encryption
 | |
| 		// doesn't matter: it's all over WireGuard anyway.
 | |
| 		curve := elliptic.P256()
 | |
| 		priv, err = ecdsa.GenerateKey(curve, rand.Reader)
 | |
| 	case "rsa":
 | |
| 		// keySize is arbitrary. We pick whatever will at
 | |
| 		// least pacify clients as the actual encryption
 | |
| 		// doesn't matter: it's all over WireGuard anyway.
 | |
| 		const keySize = 2048
 | |
| 		priv, err = rsa.GenerateKey(rand.Reader, keySize)
 | |
| 	}
 | |
| 	if err != nil {
 | |
| 		return nil, err
 | |
| 	}
 | |
| 	mk, err := x509.MarshalPKCS8PrivateKey(priv)
 | |
| 	if err != nil {
 | |
| 		return nil, err
 | |
| 	}
 | |
| 	pemGen := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: mk})
 | |
| 	err = os.WriteFile(path, pemGen, 0700)
 | |
| 	return pemGen, err
 | |
| }
 | |
| 
 | |
| func (b *LocalBackend) getSystemSSH_HostKeys() (ret map[string]ssh.Signer) {
 | |
| 	for _, typ := range keyTypes {
 | |
| 		filename := "/etc/ssh/ssh_host_" + typ + "_key"
 | |
| 		hostKey, err := os.ReadFile(filename)
 | |
| 		if err != nil || len(bytes.TrimSpace(hostKey)) == 0 {
 | |
| 			continue
 | |
| 		}
 | |
| 		signer, err := ssh.ParsePrivateKey(hostKey)
 | |
| 		if err != nil {
 | |
| 			b.logf("warning: error reading host key %s: %v (generating one instead)", filename, err)
 | |
| 			continue
 | |
| 		}
 | |
| 		mak.Set(&ret, typ, signer)
 | |
| 	}
 | |
| 	return ret
 | |
| }
 | |
| 
 | |
| func (b *LocalBackend) getSSHHostKeyPublicStrings() ([]string, error) {
 | |
| 	signers, err := b.GetSSH_HostKeys()
 | |
| 	if err != nil {
 | |
| 		return nil, err
 | |
| 	}
 | |
| 	var keyStrings []string
 | |
| 	for _, signer := range signers {
 | |
| 		keyStrings = append(keyStrings, strings.TrimSpace(string(ssh.MarshalAuthorizedKey(signer.PublicKey()))))
 | |
| 	}
 | |
| 	return keyStrings, nil
 | |
| }
 | |
| 
 | |
| // tailscaleSSHEnabled reports whether Tailscale SSH is currently enabled based
 | |
| // on prefs. It returns false if there are no prefs set.
 | |
| func (b *LocalBackend) tailscaleSSHEnabled() bool {
 | |
| 	b.mu.Lock()
 | |
| 	defer b.mu.Unlock()
 | |
| 	p := b.pm.CurrentPrefs()
 | |
| 	return p.Valid() && p.RunSSH()
 | |
| }
 |