hostkey generation for your next golang ssh server

hostkeys

A host key manager for your golang ssh daemons

hostkeys will manage private keys for an ssh.ServerConfig. It creates missing private keys if the application is run for the first time and makes sure to reuse them if they already exist.

Its goal is predictability: it does things exactly as one would expect a typical OpenSSH installation to do.

By default, it manages three keys: RSA 3072 bits, ECDSA P256, and an ed25519 key, similar to running ssh-keygen -A.

Basic usage:

// An SSH server is represented by a ServerConfig, which holds
// certificate details and handles authentication of ServerConns.
config := &ssh.ServerConfig{
    PasswordCallback: func(...) {
        // ... omitted ...
    },

    PublicKeyCallback: func(...) (...) {
        // ... omitted ...
    },
}

manager := &hostkeys.Manager{
    Directory: "/etc/app",
}

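// Load the host keys from Directory (creating any that are missing)
// and register them on the server config.
err := manager.Manage(config)
if err != nil {
    log.Fatalf("hostkeys: %s", err)
}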

Using existing openssh host keys:

manager := &hostkeys.Manager{
    Directory:    "/etc/ssh",
    NamingScheme: "ssh_host_%s_key",
}

Using stronger keys:

manager := &hostkeys.Manager{
    Directory: "/etc/app",
    Keys: []hostkeys.Generator{
        &generator.RSA{BitSize: 4096},
        &generator.ECDSA{Curve: elliptic.P521()},
    },
}

hostkeys will not update or delete existing keys. Changing key parameters requires the user to manually remove the old keys so that new ones are generated.
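The create-if-missing, reuse-if-present behaviour described above, implemented with the Go standard library alone as an added example (this is not the hostkeys package's own code). `loadOrCreate` is a hypothetical helper, and it assumes the key is stored as PKCS#8 PEM rather than in OpenSSH's openssh-key-v1 format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// loadOrCreate reuses the ed25519 key in dir or, only if the file is missing, creates it.
func loadOrCreate(dir, scheme string) (ed25519.PrivateKey, bool, error) {
	path := filepath.Join(dir, fmt.Sprintf(scheme, "ed25519"))
	if data, err := os.ReadFile(path); err == nil { // exists: reuse, never overwrite
		if block, _ := pem.Decode(data); block != nil {
			parsed, _ := x509.ParsePKCS8PrivateKey(block.Bytes)
			if key, ok := parsed.(ed25519.PrivateKey); ok {
				return key, false, nil
			}
		}
		return nil, false, fmt.Errorf("%s: not a PEM PKCS#8 ed25519 key, refusing to replace it", path)
	} else if !errors.Is(err, os.ErrNotExist) {
		return nil, false, err
	}
	_, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, false, err
	}
	der, err := x509.MarshalPKCS8PrivateKey(key)
	if err != nil {
		return nil, false, err
	}
	f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600) // no clobber, owner-only
	if err != nil {
		return nil, false, err
	}
	defer f.Close()
	return key, true, pem.Encode(f, &pem.Block{Type: "PRIVATE KEY", Bytes: der})
}

func main() {
	dir, _ := os.MkdirTemp("", "hostkeys-demo") // constructed scratch directory
	defer os.RemoveAll(dir)
	_, first, _ := loadOrCreate(dir, "ssh_host_%s_key")
	_, second, err := loadOrCreate(dir, "ssh_host_%s_key")
	fmt.Println("created:", first, second, "err:", err)
}
```

A host key that changes between restarts triggers host-key-changed warnings in clients, which is why an unreadable or malformed key file is reported as an error here instead of being silently regenerated.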

Comments
  • This thing is broken for now

    So, the x/crypto/ssh package, for now, is unable to marshal the OpenSSH openssh-key-v1 format, but this is properly going to change in the near future if/when https://github.com/golang/go/issues/37132 is merged

    Working around this issue, hostkeys uses sshkeys, which in turn needs some patches applied in order to support unencrypted openssh-key-v1

    I think the reasonable approach for now, is just vendoring sshkeys with the applied patches and wait for the x/crypto/ssh package to support marshalling, then drop the dependency entirely
