authorPaul Buetow <pbuetow@mimecast.com>2020-05-13 11:43:59 +0100
committerPaul Buetow <pbuetow@mimecast.com>2020-05-13 11:43:59 +0100
commita4f9c9ae0438854493b9648b4347bd59f2c6e7dc (patch)
tree113cd2cf31ddc6a4c5dd64436f7749a92242eddf
parente0b1bbb42f88a165965a340e614db6e86f66b8a6 (diff)
add more ssh key debugging
-rw-r--r--cmd/dcat/main.go2
-rw-r--r--cmd/dgrep/main.go2
-rw-r--r--cmd/dmap/main.go2
-rw-r--r--cmd/drun/main.go2
-rw-r--r--cmd/dserver/main.go2
-rw-r--r--cmd/dtail/main.go2
-rw-r--r--internal/ssh/server/publickeycallback.go19
7 files changed, 17 insertions, 14 deletions
diff --git a/cmd/dcat/main.go b/cmd/dcat/main.go
index bd29f72..42b29bf 100644
--- a/cmd/dcat/main.go
+++ b/cmd/dcat/main.go
@@ -52,7 +52,7 @@ func main() {
}
ctx := context.TODO()
- logger.Start(ctx, logger.Modes{Debug: debugEnable, Quiet: quietEnable})
+ logger.Start(ctx, logger.Modes{Debug: debugEnable || config.Common.DebugEnable, Quiet: quietEnable})
args := clients.Args{
ConnectionsPerCPU: connectionsPerCPU,
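Review bot: The expression `debugEnable || config.Common.DebugEnable` on the `logger.Start` line is now duplicated across six `main.go` files (dcat here, and the same line in dgrep, dmap, drun, dserver and dtail), so any later change to how the flag and the config value combine must be repeated six times. Folding the config value in once, e.g. `debugEnable = debugEnable || config.Common.DebugEnable` right after the configuration is read, would leave the call sites as they were; that code is outside this hunk, so the placement needs confirming. Because the two values are OR-ed, a config file that enables debug cannot be switched off from the command line. On dserver this means the fingerprint debug lines added in publickeycallback.go would be written on every authentication attempt, which deserves a short comment next to the setting.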
diff --git a/cmd/dgrep/main.go b/cmd/dgrep/main.go
index 6ba90fc..c136b43 100644
--- a/cmd/dgrep/main.go
+++ b/cmd/dgrep/main.go
@@ -54,7 +54,7 @@ func main() {
}
ctx := context.TODO()
- logger.Start(ctx, logger.Modes{Debug: debugEnable, Quiet: quietEnable})
+ logger.Start(ctx, logger.Modes{Debug: debugEnable || config.Common.DebugEnable, Quiet: quietEnable})
args := clients.Args{
ConnectionsPerCPU: connectionsPerCPU,
diff --git a/cmd/dmap/main.go b/cmd/dmap/main.go
index 24f81b8..cae1552 100644
--- a/cmd/dmap/main.go
+++ b/cmd/dmap/main.go
@@ -57,7 +57,7 @@ func main() {
}
ctx := context.TODO()
- logger.Start(ctx, logger.Modes{Debug: debugEnable, Quiet: quietEnable})
+ logger.Start(ctx, logger.Modes{Debug: debugEnable || config.Common.DebugEnable, Quiet: quietEnable})
args := clients.Args{
ConnectionsPerCPU: connectionsPerCPU,
diff --git a/cmd/drun/main.go b/cmd/drun/main.go
index 3817d0e..039c104 100644
--- a/cmd/drun/main.go
+++ b/cmd/drun/main.go
@@ -60,7 +60,7 @@ func main() {
}
ctx := context.TODO()
- logger.Start(ctx, logger.Modes{Debug: debugEnable, Quiet: quietEnable})
+ logger.Start(ctx, logger.Modes{Debug: debugEnable || config.Common.DebugEnable, Quiet: quietEnable})
command, commandArgs := readCommand(command)
args := clients.Args{
diff --git a/cmd/dserver/main.go b/cmd/dserver/main.go
index 865bf95..34b983f 100644
--- a/cmd/dserver/main.go
+++ b/cmd/dserver/main.go
@@ -65,7 +65,7 @@ func main() {
}
}()
- logger.Start(ctx, logger.Modes{Server: true, Debug: debugEnable})
+ logger.Start(ctx, logger.Modes{Server: true, Debug: debugEnable || config.Common.DebugEnable})
if pprof > -1 {
// For debugging purposes only
diff --git a/cmd/dtail/main.go b/cmd/dtail/main.go
index bb3cf8c..e69e85a 100644
--- a/cmd/dtail/main.go
+++ b/cmd/dtail/main.go
@@ -73,7 +73,7 @@ func main() {
os.Exit(healthClient.Start(ctx))
}
- logger.Start(ctx, logger.Modes{Debug: debugEnable, Quiet: quietEnable})
+ logger.Start(ctx, logger.Modes{Debug: debugEnable || config.Common.DebugEnable, Quiet: quietEnable})
if pprof > -1 {
// For debugging purposes only
diff --git a/internal/ssh/server/publickeycallback.go b/internal/ssh/server/publickeycallback.go
index 757def7..b9c79a1 100644
--- a/internal/ssh/server/publickeycallback.go
+++ b/internal/ssh/server/publickeycallback.go
@@ -14,7 +14,7 @@ import (
)
// PublicKeyCallback is for the server to check whether a public SSH key is authorized ot not.
-func PublicKeyCallback(c gossh.ConnMetadata, pubKey gossh.PublicKey) (*gossh.Permissions, error) {
+func PublicKeyCallback(c gossh.ConnMetadata, offeredPubKey gossh.PublicKey) (*gossh.Permissions, error) {
user := user.New(c.User(), c.RemoteAddr().String())
logger.Info(user, "Incoming authorization")
@@ -41,22 +41,25 @@ func PublicKeyCallback(c gossh.ConnMetadata, pubKey gossh.PublicKey) (*gossh.Per
authorizedKeysMap := map[string]bool{}
for len(authorizedKeysBytes) > 0 {
- pubKey, _, _, rest, err := gossh.ParseAuthorizedKey(authorizedKeysBytes)
+ authorizedPubKey, _, _, restBytes, err := gossh.ParseAuthorizedKey(authorizedKeysBytes)
if err != nil {
return nil, fmt.Errorf("Unable to parse authorized keys bytes|%s|%s", user, err.Error())
}
- authorizedKeysMap[string(pubKey.Marshal())] = true
- authorizedKeysBytes = rest
+ authorizedKeysMap[string(authorizedPubKey.Marshal())] = true
+ authorizedKeysBytes = restBytes
+
+ logger.Debug(user, "Authorized public key fingerprint", gossh.FingerprintSHA256(authorizedPubKey))
}
- if authorizedKeysMap[string(pubKey.Marshal())] {
- logger.Debug("Public key fingerprint", gossh.FingerprintSHA256(pubKey), user)
+ logger.Debug(user, "Offered public key fingerprint", gossh.FingerprintSHA256(offeredPubKey))
+
+ if authorizedKeysMap[string(offeredPubKey.Marshal())] {
return &gossh.Permissions{
Extensions: map[string]string{
- "pubkey-fp": gossh.FingerprintSHA256(pubKey),
+ "pubkey-fp": gossh.FingerprintSHA256(offeredPubKey),
},
}, nil
}
- return nil, fmt.Errorf("Unknown public key|%s", user)
+ return nil, fmt.Errorf("%s|Public key of user not authorized", user)
}
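Review bot: The rejection at the end of the hunk returns `"%s|Public key of user not authorized"` without the offered key's fingerprint, which is logged only at debug level a few lines above. At normal log levels an operator therefore cannot tell which key a failed login presented. Carrying it in the error would fix that: `return nil, fmt.Errorf("%s|Public key of user not authorized|%s", user, gossh.FingerprintSHA256(offeredPubKey))`. The new `logger.Debug` inside the parse loop runs once per authorized_keys entry on every call, and the callback is presumably invoked for each key a client offers, so with debug on the whole key list is re-logged per attempt; logging it only on the rejection path would be quieter. The new message also puts `user` first while the parse-error message in the loop keeps the text first, which matters if these `|`-separated fields are parsed downstream. PublicKeyCallback begins outside this hunk.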