Created
February 16, 2019 21:31
-
-
Save Skarlso/34321a230cf0245018288686c9e70b2d to your computer and use it in GitHub Desktop.
Golang SSH connection with hostkey verification
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"bytes" | |
"fmt" | |
"io/ioutil" | |
"log" | |
"golang.org/x/crypto/ssh" | |
kh "golang.org/x/crypto/ssh/knownhosts" | |
) | |
func main() { | |
user := "user" | |
address := "192.168.0.17" | |
command := "uptime" | |
port := "9999" | |
key, err := ioutil.ReadFile("/Users/user/.ssh/id_rsa") | |
if err != nil { | |
log.Fatalf("unable to read private key: %v", err) | |
} | |
// Create the Signer for this private key. | |
signer, err := ssh.ParsePrivateKey(key) | |
if err != nil { | |
log.Fatalf("unable to parse private key: %v", err) | |
} | |
hostKeyCallback, err := kh.New("/Users/user/.ssh/known_hosts") | |
if err != nil { | |
log.Fatal("could not create hostkeycallback function: ", err) | |
} | |
config := &ssh.ClientConfig{ | |
User: user, | |
Auth: []ssh.AuthMethod{ | |
// Add in password check here for moar security. | |
ssh.PublicKeys(signer), | |
}, | |
HostKeyCallback: hostKeyCallback, | |
} | |
// Connect to the remote server and perform the SSH handshake. | |
client, err := ssh.Dial("tcp", address+":"+port, config) | |
if err != nil { | |
log.Fatalf("unable to connect: %v", err) | |
} | |
defer client.Close() | |
ss, err := client.NewSession() | |
if err != nil { | |
log.Fatal("unable to create SSH session: ", err) | |
} | |
defer ss.Close() | |
// Creating the buffer which will hold the remotly executed command's output. | |
var stdoutBuf bytes.Buffer | |
ss.Stdout = &stdoutBuf | |
ss.Run(command) | |
// Let's print out the result of command. | |
fmt.Println(stdoutBuf.String()) | |
} |
@steffakasid Hey! That's a good call.
Yes, there are a couple solutions out there to do an ssh-keyscan, but basically, you can just do a call with TCP.
Here is a more convoluted example: https://github.com/szuecs/go-ssh-keyscan/blob/master/go-ssh-keyscan.go
And here is one that just does a TCP call and returns the output: http://play.golang.org/p/Lm1FNTnLws
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Does this only work if the hostkey is already added in known_hosts? How would it be possible to write new hosts into the known_hosts file?
Edit:
I used
ssh-keyscan github.com > known_hosts
and it works quite well. It also already adds all keys from the server which works quite well. Not sure if there would be also a solution to do this in my golang program.