Skip to content
/ knownhosts Public

Programmatically parse, query and manipulate SSH known_hosts files in Go

gigawatt.io/knownhosts

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

gigawattio/knownhosts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
known_hosts.go
known_hosts.go
 
 
known_hosts_test.go
known_hosts_test.go
 
 
strings.go
strings.go
 
 

Repository files navigation

knownhosts

Documentation Build Status Report Card

About

gigawatt.io/knownhosts is a golang package for programmatically parsing, querying and manipulating SSH known_hosts files (usually located under ~/.ssh/known_hosts).

This package provides functionality beyond the go stdlib crypto/ssh/knownhosts, which doesn't expose much of practical use for known_hosts file management.

There are many possible (ab)use-cases for this library, so before importing it's recommended you review the Security Considerations section below and think critically about the possible implications for your implementation.

Created by Jay Taylor.

Security Considerations

Programmatic addition of entries to ~/.ssh/known_hosts can be risky due to the potential for exposing MITM attacks vulnerabilities in your application. It is critical to account for this aspect in your design before importing this go package.

Further Reading

Usage

package main

import (
    "fmt"

    "gigawatt.io/knownhosts"
)

func main() {
    khs, err := knownhosts.New("/tmp/test_known_tests")
    if err != nil {
        panic(err)
    }

    if _, err := khs.Add("github.com", "gitlab.com"); err != nil {
        panic(err)
    }

    fmt.Printf("khs.String() =>\n---\n%v\n---\n", khs.String())

    if err := khs.Sync(); err != nil {
        panic(err)
    }

    gh := khs.FindByAddr("ssh-rsa", "github.com")
    fmt.Printf("github.com query result: %# v\n", gh)

    gl := khs.FindByAddr("ssh-rsa", "gitlab.com")
    fmt.Printf("gitlab.com query result: %# v\n", gl)
}

Also see the examples in the docs.

Motivation

This started with a requirement to clone git repositories non-interactively. This gets around interactive SSH authentication prompts by always ensuring there is a known_hosts entry for each git host before initiating a clone.

Cloning into 'target'...
The authenticity of host 'gitlab.com (35.231.145.151)' can't be established.
ECDSA key fingerprint is f1:d0:fb:46:73:7a:70:92:5a:ab:5d:ef:43:e2:1c:35.
Are you sure you want to continue connecting (yes/no)?
The authenticity of host '[madmax.utwente.nl]:62222 ([4.3.2.1]:62222)' can't be established.
RSA key fingerprint is SHA256:USgS2JZsu19qqQQf16TomcatUPdogQuicksilvaAUSS.
RSA key fingerprint is MD5:8a:b9:db:ca:40:fe:32:ba:00:be:ef:04:ac:bd:9b:a8.
Are you sure you want to continue connecting (yes/no)?

Requirements

  • Go version 1.9 or newer

Running the test suite

go test ./...

License

Permissive MIT license, see the LICENSE file for more information.

About

Programmatically parse, query and manipulate SSH known_hosts files in Go

gigawatt.io/knownhosts

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages