bastion | ||
common | ||
external | ||
.gitignore | ||
.gitmodules | ||
CMakeLists.txt | ||
LICENSE | ||
README.md |
Bastion
SSH bastion that features transparent connection and session recording.
This project is inspired by https://github.com/moul/sshportal. I wrote this implementation to work around the fact that I couldn't get the go ssh lib to work properly with non interactive sessions, the bug has been open for a long time and I tend to belive it cannot be fixed (https://github.com/moul/sshportal/issues/55).
This bastion project does work properly with non interactive sessions, which allows transparent ansible usage through the bastion.
Contents
Dependencies
This project has only one hard dependency :
- the libssh from https://www.libssh.org/. You should be able to use your distro's packages if they are recent enough.
The following are optional dependencies :
- the libtty from https://github.com/kilobyte/termrec which allows session recording.
- compression libraries like libbz2, liblzma, libz allow on the fly compression of session records.
- libmysql for now because it hosts the runtime config
Manual Installation
This project is built using cmake :
mkdir build
cd build
cmake ..
make
make install
You can customise the build with the following cmake flags :
CMAKE_BUILD_TYPE
: Debug|Release|RelWithDebInfo|MinSizeRel, defaults to Release if using a tarball, and Debug if using the git treeCMAKE_INSTALL_PREFIX
: path, defaults to/usr/local
SESSION_RECORDING
: ON|OFF, defaults to ON
For exemple this disables session recording for a debug build and installs the bastion for your current user :
cmake .. -DCMAKE_BUILD_TYPE=Debug -D CMAKE_INSTALL_PREFIX=$HOME/.local -DSESSION_RECORDING=OFF