golang lib ssh

Author: rinetd

README.md

@@ -0,0 +1,95 @@
+
+## 项目简介
+本项目是基于golang标准库 ssh 和 sftp 开发
+
+本项目是对标准库进行一个简单的高层封装,使得可以在在 Windows Linux Mac 上非常容易的执行 ssh 命令,
+以及文件,文件夹的上传,下载等操作.
+
+文件上传下载模仿rsync方式: 只和源有关.
+// rsync -av src/ dst     ./src/* --> /root/dst/*
+// rsync -av src/ dst/    ./src/* --> /root/dst/*
+// rsync -av src  dst     ./src/* --> /root/dst/src/*
+// rsync -av src  dst/    ./src/* --> /root/dst/src/*
+
+## Example
+
+### 在远程执行ssh命令
+```go
+package main
+import (
+	"fmt"
+	"github.com/pytool/ssh"
+)
+func main() {
+
+	c, err := ssh.NewClient("root", "localhost", "22", "ubuntu")
+	if err != nil {
+		panic(err)
+	}
+	defer c.Close()
+
+	output, err := c.Exec("uptime")
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Printf("Uptime: %s\n", output)
+}
+
+```
+### 文件下载
+```go
+package main
+
+import (
+	"github.com/pytool/ssh"
+)
+
+func main() {
+
+	client, err := ssh.NewClient("root", "localhost", "22", "ubuntu")
+	if err != nil {
+		panic(err)
+	}
+	defer client.Close()
+	var remotedir = "/root/test/"
+	// download dir
+	var local = "/home/ubuntu/go/src/github.com/pytool/ssh/test/download/"
+	client.Download(remotedir, local)
+
+	// upload file
+	var remotefile = "/root/test/file"
+
+	client.Download(remotefile, local)
+}
+
+```
+
+### 文件上传
+```go
+package main
+
+import (
+	"github.com/pytool/ssh"
+)
+
+func main() {
+
+	client, err := ssh.NewClient("root", "localhost", "22", "ubuntu")
+	if err != nil {
+		panic(err)
+	}
+	defer client.Close()
+	var remotedir = "/root/test/"
+	// upload dir
+	var local = "/home/ubuntu/go/src/github.com/pytool/ssh/test/upload/"
+	client.Upload(local, remotedir)
+
+	// upload file
+	local = "/home/ubuntu/go/src/github.com/pytool/ssh/test/upload/file"
+	client.Upload(local, remotedir)
+}
+
+```
+
+

auth.go

@@ -0,0 +1,160 @@
+package ssh
+
+import (
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"net"
+	"os"
+	"strings"
+	"syscall"
+
+	"golang.org/x/crypto/ssh"
+	"golang.org/x/crypto/ssh/agent"
+	"golang.org/x/crypto/ssh/terminal"
+)
+
+// An implementation of ssh.KeyboardInteractiveChallenge that simply sends
+// back the password for all questions. The questions are logged.
+func passwordKeyboardInteractive(password string) ssh.KeyboardInteractiveChallenge {
+	return func(user, instruction string, questions []string, echos []bool) ([]string, error) {
+		// log.Printf("Keyboard interactive challenge: ")
+		// log.Printf("-- User: %s", user)
+		// log.Printf("-- Instructions: %s", instruction)
+		// for i, question := range questions {
+		// 	log.Printf("-- Question %d: %s", i+1, question)
+		// }
+
+		// Just send the password back for all questions
+		answers := make([]string, len(questions))
+		for i := range answers {
+			answers[i] = password
+		}
+
+		return answers, nil
+	}
+}
+
+// WithKeyboardPassword Generate a password-auth'd ssh ClientConfig
+func WithKeyboardPassword(password string) (ssh.AuthMethod, error) {
+	return ssh.KeyboardInteractive(passwordKeyboardInteractive(password)), nil
+}
+
+// WithPassword Generate a password-auth'd ssh ClientConfig
+func WithPassword(password string) (ssh.AuthMethod, error) {
+	return ssh.Password(password), nil
+}
+
+// WithAgent use already authed user
+func WithAgent() (ssh.AuthMethod, error) {
+	sock := os.Getenv("SSH_AUTH_SOCK")
+	if sock != "" {
+		// fmt.Println(errors.New("Agent Disabled"))
+		return nil, errors.New("Agent Disabled")
+	}
+	socks, err := net.Dial("unix", sock)
+	if err != nil {
+		fmt.Println(err)
+		return nil, err
+	}
+	// 1. 返回Signers函数的结果
+	agent := agent.NewClient(socks)
+	signers, err := agent.Signers()
+	return ssh.PublicKeys(signers...), nil
+	// 2. 返回Signers函数
+	// getSigners := agent.NewClient(socks).Signers
+	// return ssh.PublicKeysCallback(getSigners), nil
+
+	// 3.简写方式
+	// if sshAgent, err := net.Dial("unix", os.Getenv("SSH_AUTH_SOCK")); err == nil {
+	// 	return ssh.PublicKeysCallback(agent.NewClient(sshAgent).Signers)
+	// }
+	// return nil
+}
+
+// WithPrivateKeys 设置多个 ~/.ssh/id_rsa
+func WithPrivateKeys(keyFiles []string, password string) (ssh.AuthMethod, error) {
+	var signers []ssh.Signer
+
+	for _, key := range keyFiles {
+
+		buffer, err := ioutil.ReadFile(key)
+		if err != nil {
+			println(err.Error())
+			// return
+		}
+		signer, err := ssh.ParsePrivateKeyWithPassphrase([]byte(buffer), []byte(password))
+		if err != nil {
+			println(err.Error())
+		} else {
+			signers = append(signers, signer)
+		}
+	}
+	if signers == nil {
+		return nil, errors.New("WithPrivateKeys: no keyfiles input")
+	}
+	return ssh.PublicKeys(signers...), nil
+}
+
+// WithPrivateKey 自动监测是否带有密码
+func WithPrivateKey(keyfile string, password string) (ssh.AuthMethod, error) {
+	pemBytes, err := ioutil.ReadFile(keyfile)
+	if err != nil {
+		println(err.Error())
+		return nil, err
+	}
+
+	var signer ssh.Signer
+	signer, err = ssh.ParsePrivateKey(pemBytes)
+	if err != nil {
+		if strings.Contains(err.Error(), "cannot decode encrypted private keys") {
+			if signer, err = ssh.ParsePrivateKeyWithPassphrase(pemBytes, []byte(password)); err == nil {
+				return ssh.PublicKeys(signer), nil
+			}
+		}
+	}
+	return nil, err
+}
+
+// WithPrivateKeyString 直接通过字符串
+func WithPrivateKeyString(key string, password string) (ssh.AuthMethod, error) {
+	var signer ssh.Signer
+	var err error
+	if password == "" {
+		signer, err = ssh.ParsePrivateKey([]byte(key))
+	} else {
+		signer, err = ssh.ParsePrivateKeyWithPassphrase([]byte(key), []byte(password))
+	}
+	if err != nil {
+		println(err.Error())
+		return nil, err
+	}
+	return ssh.PublicKeys(signer), nil
+}
+
+// WithPrivateKeyTerminal 通过终端读取带密码的 PublicKey
+func WithPrivateKeyTerminal(keyfile string) (ssh.AuthMethod, error) {
+	// fmt.Fprintf(os.Stderr, "This SSH key is encrypted. Please enter passphrase for key '%s':", priv.path)
+	passphrase, err := terminal.ReadPassword(int(syscall.Stdin))
+	if err != nil {
+		println(err.Error())
+		return nil, err
+	}
+
+	fmt.Fprintln(os.Stderr)
+
+	pemBytes, err := ioutil.ReadFile(keyfile)
+	if err != nil {
+
+		println(err.Error())
+		return nil, err
+	}
+	signer, err := ssh.ParsePrivateKeyWithPassphrase(pemBytes, passphrase)
+	if err != nil {
+
+		fmt.Println(err)
+		return nil, err
+	}
+
+	return ssh.PublicKeys(signer), nil
+}

client.go

@@ -0,0 +1,114 @@
+package ssh
+
+import (
+	"errors"
+	"net"
+	"os"
+	"strconv"
+	"time"
+
+	"github.com/pkg/sftp"
+	"golang.org/x/crypto/ssh"
+)
+
+const DefaultTimeout = 30 * time.Second
+
+type Client struct {
+	*Config
+	SSHClient  *ssh.Client
+	SFTPClient *sftp.Client
+}
+
+// NewClient 根据配置
+func NewClient(user, host, port, password string) (client *Client, err error) {
+	p, err := strconv.Atoi(port)
+	if err == nil || p == 0 {
+		p = 22
+	}
+	if user == "" {
+		user = "root"
+	}
+	var config = &Config{
+		User:     user,
+		Host:     host,
+		Port:     p,
+		Password: password,
+		// KeyFiles: []string{"~/.ssh/id_rsa"},
+	}
+	return New(config)
+}
+
+// New 创建SSH client
+func New(config *Config) (client *Client, err error) {
+	clientConfig := &ssh.ClientConfig{
+		User:            config.User,
+		Timeout:         DefaultTimeout,
+		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+	}
+
+	// 2. 密码方式
+	if config.Password != "" {
+		clientConfig.Auth = append(clientConfig.Auth, ssh.Password(config.Password))
+	}
+
+	// 3. privite key file
+	if len(config.KeyFiles) == 0 {
+		keyPath := os.Getenv("HOME") + "/.ssh/id_rsa"
+		if auth, err := WithPrivateKey(keyPath, config.Password); err != nil {
+			clientConfig.Auth = append(clientConfig.Auth, auth)
+		}
+	} else {
+		if auth, err := WithPrivateKeys(config.KeyFiles, config.Password); err != nil {
+			clientConfig.Auth = append(clientConfig.Auth, auth)
+		}
+	}
+	// 1. agent
+	if auth, err := WithAgent(); err != nil {
+		clientConfig.Auth = append(clientConfig.Auth, auth)
+	}
+	if config.Port == 0 {
+		config.Port = 22
+	}
+	// hostPort := config.Host + ":" + strconv.Itoa(config.Port)
+	sshClient, err := ssh.Dial("tcp", net.JoinHostPort(config.Host, strconv.Itoa(config.Port)), clientConfig)
+
+	if err != nil {
+		return client, errors.New("Failed to dial ssh: " + err.Error())
+	}
+
+	// create sftp client
+	var sftpClient *sftp.Client
+	if sftpClient, err = sftp.NewClient(sshClient); err != nil {
+		return client, errors.New("Failed to conn sftp: " + err.Error())
+	}
+
+	return &Client{SSHClient: sshClient, SFTPClient: sftpClient}, nil
+}
+
+// Execute cmd on the remote host and return stderr and stdout
+func (c *Client) Exec(cmd string) ([]byte, error) {
+	session, err := c.SSHClient.NewSession()
+	if err != nil {
+		return nil, err
+	}
+	defer session.Close()
+
+	return session.CombinedOutput(cmd)
+}
+
+// Close the underlying SSH connection
+func (c *Client) Close() {
+	c.SFTPClient.Close()
+	c.SSHClient.Close()
+}
+
+func addPortToHost(host string) string {
+	_, _, err := net.SplitHostPort(host)
+
+	// We got an error so blindly try to add a port number
+	if err != nil {
+		return net.JoinHostPort(host, "22")
+	}
+
+	return host
+}

cmd/main.go

@@ -0,0 +1,24 @@
+package main
+
+import (
+	"fmt"
+
+	"github.com/pytool/ssh"
+)
+
+func main() {
+
+	client, err := ssh.NewClient("root", "localhost", "22", "ubuntu")
+	if err != nil {
+		panic(err)
+	}
+	defer client.Close()
+
+	output, err := client.Exec("uptime")
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Printf("Uptime: %s\n", output)
+
+}