SSH认证--私钥认证方式增加用户名选项

GoEdgeLab
2021-06-30 14:56:36 +08:00
parent bb1739d042
commit 799aa13e37
7 changed files with 25 additions and 5 deletions

2
go.mod

@@ -14,7 +14,7 @@ require (
github.com/go-sql-driver/mysql v1.5.0
github.com/go-yaml/yaml v2.1.0+incompatible
github.com/golang/protobuf v1.5.2
github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f
github.com/iwind/TeaGo v0.0.0-20210628135026-38575a4ab060
github.com/lionsoul2014/ip2region v2.2.0-release+incompatible
github.com/mozillazg/go-pinyin v0.18.0
github.com/pkg/sftp v1.12.0

4
go.sum

@@ -184,6 +184,8 @@ github.com/iij/doapi v0.0.0-20190504054126-0bbf12d6d7df/go.mod h1:QMZY7/J/KSQEhK
github.com/iwind/TeaGo v0.0.0-20200923021120-f5d76441fe9e/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f h1:r2O8PONj/KiuZjJHVHn7KlCePUIjNtgAmvLfgRafQ8o=
github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
github.com/iwind/TeaGo v0.0.0-20210628135026-38575a4ab060 h1:qdLtK4PDXxk2vMKkTWl5Fl9xqYuRCukzWAgJbLHdfOo=
github.com/iwind/TeaGo v0.0.0-20210628135026-38575a4ab060/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
github.com/jmespath/go-jmespath v0.3.0 h1:OS12ieG61fsCg5+qLJ+SsW9NicxNkg3b25OyT2yCeUc=
github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik=
@@ -192,6 +194,8 @@ github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCV
github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/json-iterator/go v1.1.11 h1:uVUAXhF2To8cbw/3xN3pxj6kk7TYKs98NIrTqPlMWAQ=
github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=


@@ -85,6 +85,7 @@ func (this *NodeGrantDAO) CreateGrant(tx *dbs.Tx, adminId int64, name string, me
op.Password = password
op.Su = false // TODO 需要做到前端可以配置
case "privateKey":
op.Username = username
op.PrivateKey = privateKey
}
op.Description = description
@@ -111,6 +112,7 @@ func (this *NodeGrantDAO) UpdateGrant(tx *dbs.Tx, grantId int64, name string, me
op.Password = password
op.Su = false // TODO 需要做到前端可以配置
case "privateKey":
op.Username = username
op.PrivateKey = privateKey
}
op.Description = description
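Review bot: Neither `switch` shows a `default` branch in these hunks, so a `method` other than "user" or "privateKey" would apparently be stored with no credentials filled in. It would only be rejected later, when `Login` returns `invalid method`. Rejecting the unknown value at write time in both `CreateGrant` and `UpdateGrant` would surface the mistake where it is made, and a short comment above each `switch` listing the accepted methods would help. Both function bodies start and end outside the hunks, so a `default` earlier in the switch cannot be ruled out.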


@@ -6,4 +6,5 @@ type Credentials struct {
Username string
Password string
PrivateKey string
Method string
}
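Review bot: `Method` is added without a comment, although `Login` accepts only two literal values for it and fails on anything else. A field comment such as `// Method is the grant's auth type: "user" (password) or "privateKey".` would document that contract. Named constants for the two values would also keep the literals from drifting between the installer and the grant service.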


@@ -41,7 +41,7 @@ func (this *BaseInstaller) Login(credentials *Credentials) error {
// 认证
methods := []ssh.AuthMethod{}
if len(credentials.Password) > 0 {
if credentials.Method == "user" {
{
authMethod := ssh.Password(credentials.Password)
methods = append(methods, authMethod)
@@ -56,16 +56,21 @@ func (this *BaseInstaller) Login(credentials *Credentials) error {
})
methods = append(methods, authMethod)
}
} else {
} else if credentials.Method == "privateKey" {
signer, err := ssh.ParsePrivateKey([]byte(credentials.PrivateKey))
if err != nil {
return errors.New("parse private key: " + err.Error())
}
authMethod := ssh.PublicKeys(signer)
methods = append(methods, authMethod)
} else {
return errors.New("invalid method '" + credentials.Method + "'")
}
// SSH客户端
if len(credentials.Username) == 0 {
credentials.Username = "root"
}
config := &ssh.ClientConfig{
User: credentials.Username,
Auth: methods,
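Review bot: The new fallback at `if len(credentials.Username) == 0` logs in as `root` whenever a grant has no username, and it writes that value back into the caller's `Credentials` through the pointer. An empty username is more likely a misconfigured grant than a request for root, so failing closed is safer: `return errors.New("username should not be empty")`. If the default has to stay for existing grants, hold it in a local (`user := credentials.Username`) instead of mutating the argument. The same fallback is added in `TestNodeGrant`. `Login` continues past the end of the hunk, so the rest of the `ssh.ClientConfig` is not visible here.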


@@ -184,6 +184,7 @@ func (this *Queue) InstallNode(nodeId int64, installStatus *models.NodeInstallSt
Username: grant.Username,
Password: grant.Password,
PrivateKey: grant.PrivateKey,
Method: grant.Method,
})
if err != nil {
installStatus.ErrorCode = "SSH_LOGIN_FAILED"
@@ -272,6 +273,7 @@ func (this *Queue) StartNode(nodeId int64) error {
Username: grant.Username,
Password: grant.Password,
PrivateKey: grant.PrivateKey,
Method: grant.Method,
})
if err != nil {
return err
@@ -376,6 +378,7 @@ func (this *Queue) StopNode(nodeId int64) error {
Username: grant.Username,
Password: grant.Password,
PrivateKey: grant.PrivateKey,
Method: grant.Method,
})
if err != nil {
return err
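Review bot: What appears to be the same four-field `Credentials` literal is now repeated in `InstallNode`, `StartNode` and `StopNode`, and this change had to touch all three. A small private helper that builds the `*Credentials` from a grant would keep the call sites from drifting the next time a field is added. The opening of each literal and the type of `grant` are outside these hunks, so the helper's signature needs checking against the file.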


@@ -214,7 +214,7 @@ func (this *NodeGrantService) TestNodeGrant(ctx context.Context, req *pb.TestNod
// 认证
methods := []ssh.AuthMethod{}
if len(grant.Password) > 0 {
if grant.Method == "user" {
{
authMethod := ssh.Password(grant.Password)
methods = append(methods, authMethod)
@@ -229,7 +229,7 @@ func (this *NodeGrantService) TestNodeGrant(ctx context.Context, req *pb.TestNod
})
methods = append(methods, authMethod)
}
} else {
} else if grant.Method == "privateKey" {
signer, err := ssh.ParsePrivateKey([]byte(grant.PrivateKey))
if err != nil {
resp.Error = "parse private key: " + err.Error()
@@ -237,9 +237,14 @@ func (this *NodeGrantService) TestNodeGrant(ctx context.Context, req *pb.TestNod
}
authMethod := ssh.PublicKeys(signer)
methods = append(methods, authMethod)
} else {
return nil, errors.New("invalid method '" + grant.Method + "'")
}
// SSH客户端
if len(grant.Username) == 0 {
grant.Username = "root"
}
config := &ssh.ClientConfig{
User: grant.Username,
Auth: methods,
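Review bot: The new `invalid method` branch returns `nil, errors.New(...)`, while the private-key parse failure just above it reports through `resp.Error`. A caller of this test RPC would therefore get one grant misconfiguration as a response field and the other as an RPC error. Setting `resp.Error = "invalid method '" + grant.Method + "'"` and returning the response the way the parse-failure path does would keep the two consistent; that return statement is outside the hunk. The auth-method selection here also duplicates `BaseInstaller.Login` line for line, so sharing one helper would keep the two from diverging.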