Beispiel #1
0
        protected override void BeginProcessing()
        {
            // Collect host/fingerprint information from the registry.
            base.BeginProcessing();
            var keymng = new TrustedKeyManagement();

            _sshHostKeys = keymng.GetKeys();
        }
Beispiel #2
0
        protected override void ProcessRecord()
        {
            if (_keyfile.Equals(""))
            {
                //Username authentication
                //found a problem where domain name wasn't passed when using the format of {domain}\{username}
                //So, if the domain exists, prefix it properly
                //If using {username}@{domain}, this is not an issue
                string _UserNameMod = "";

                if (_credential.GetNetworkCredential().Domain.Length > 0)
                {
                    _UserNameMod = _credential.GetNetworkCredential().Domain + "\\" + _credential.GetNetworkCredential().UserName;
                }
                else
                {
                    _UserNameMod = _credential.GetNetworkCredential().UserName;
                }

                var kIconnectInfo = new KeyboardInteractiveAuthenticationMethod(_UserNameMod);

                foreach (var computer in _computername)
                {
                    ConnectionInfo connectInfo;
                    if (_proxyserver != "")
                    {
                        // Set the proper proxy type
                        var ptype = ProxyTypes.Http;
                        //WriteVerbose("A Proxy Server has been specified");
                        switch (_proxytype)
                        {
                        case "HTTP":
                            ptype = ProxyTypes.Http;
                            break;

                        case "Socks4":
                            ptype = ProxyTypes.Socks4;
                            break;

                        case "Socks5":
                            ptype = ProxyTypes.Socks5;
                            break;
                        }

                        var passconnectInfo = new PasswordAuthenticationMethod(_UserNameMod, _credential.GetNetworkCredential().Password);

                        WriteVerbose("Connecting to " + computer + " with user " + _UserNameMod);
                        connectInfo = new ConnectionInfo(computer,
                                                         _port,
                                                         _credential.GetNetworkCredential().UserName,
                                                         ptype,
                                                         _proxyserver,
                                                         _proxyport,
                                                         _proxycredential.GetNetworkCredential().UserName,
                                                         _proxycredential.GetNetworkCredential().Password,
                                                         kIconnectInfo,
                                                         passconnectInfo);
                    }
                    else
                    {
                        // Connection info for Keyboard Interactive

                        var passconnectInfo = new PasswordAuthenticationMethod(_UserNameMod, _credential.GetNetworkCredential().Password);

                        connectInfo = new ConnectionInfo(computer,
                                                         _port,
                                                         _UserNameMod,
                                                         passconnectInfo,
                                                         kIconnectInfo);
                    }

                    // Event Handler for interactive Authentication
                    kIconnectInfo.AuthenticationPrompt += delegate(object sender, AuthenticationPromptEventArgs e)
                    {
                        foreach (var prompt in e.Prompts)
                        {
                            if (prompt.Request.Contains("Password"))
                            {
                                prompt.Response = _credential.GetNetworkCredential().Password;
                            }
                        }
                    };


                    //Ceate instance of SSH Client with connection info
                    var client = new SshClient(connectInfo);

                    // Handle host key
                    string computer1 = computer;
                    client.HostKeyReceived += delegate(object sender, HostKeyEventArgs e)
                    {
                        var sb = new StringBuilder();
                        foreach (var b in e.FingerPrint)
                        {
                            sb.AppendFormat("{0:x}:", b);
                        }
                        string fingerPrint = sb.ToString().Remove(sb.ToString().Length - 1);

                        //WriteVerbose("Key algorithm of " + client.ConnectionInfo.CurrentHostKeyAlgorithm);
                        //WriteVerbose("Key exchange alhorithm " + client.ConnectionInfo.CurrentKeyExchangeAlgorithm);
                        //WriteVerbose("Host key fingerprint: " + fingerPrint);

                        if (_sshHostKeys.ContainsKey(computer1))
                        {
                            if (_sshHostKeys[computer1] == fingerPrint)
                            {
                                //WriteVerbose("Fingerprint matched trusted fingerpring for host " + computer);

                                e.CanTrust = true;
                            }
                            else
                            {
                                throw new System.Security.SecurityException("SSH fingerprint mistmatch for host " + computer1);
                            }
                        }
                        else
                        {
                            int choice;
                            if (_acceptkey)
                            {
                                choice = 0;
                            }
                            else
                            {
                                var choices = new Collection <ChoiceDescription>
                                {
                                    new ChoiceDescription("Y"),
                                    new ChoiceDescription("N")
                                };

                                choice = Host.UI.PromptForChoice("Server SSH Fingerprint", "Do you want to trust the fingerprint " + fingerPrint, choices, 1);
                            }
                            if (choice == 0)
                            {
                                var keymng = new TrustedKeyManagement();

                                //WriteVerbose("Saving fingerprint " + fingerPrint + " for host " + computer);
                                keymng.SetKey(computer1, fingerPrint);
                                e.CanTrust = true;
                            }
                            else
                            {
                                e.CanTrust = false;
                            }
                        }
                    };

                    // Set the connection timeout
                    client.ConnectionInfo.Timeout = TimeSpan.FromSeconds(_connectiontimeout);

                    // Set Keepalive for connections
                    client.KeepAliveInterval = TimeSpan.FromSeconds(_keepaliveinterval);

                    // Connect to  host using Connection info
                    //WriteVerbose("Connecting to " + computer + " with user " + _UserNameMod);
                    client.Connect();
                    WriteObject(SSHModuleHelper.AddToSSHSessionCollection(client, SessionState), true);
                }
            }
            else
            {
                //Use SSH Key for authentication

                WriteVerbose("Using SSH Key authentication for connection.");
                var fullPath = Path.GetFullPath(_keyfile);
                if (File.Exists(fullPath))
                {
                    foreach (var computer in _computername)
                    {
                        PrivateKeyConnectionInfo connectionInfo;
                        if (_proxyserver != "")
                        {
                            // Set the proper proxy type
                            var ptype = ProxyTypes.Http;
                            //WriteVerbose("A Proxy Server has been specified");
                            switch (_proxytype)
                            {
                            case "HTTP":
                                ptype = ProxyTypes.Http;
                                break;

                            case "Socks4":
                                ptype = ProxyTypes.Socks4;
                                break;

                            case "Socks5":
                                ptype = ProxyTypes.Socks5;
                                break;
                            }

                            if (_credential.GetNetworkCredential().Password == "")
                            {
                                WriteVerbose("Using key with no passphrase.");
                                var sshkey = new PrivateKeyFile(File.OpenRead(@fullPath));
                                connectionInfo = new PrivateKeyConnectionInfo(computer, _port, _credential.GetNetworkCredential().UserName, sshkey);
                            }
                            else
                            {
                                WriteVerbose("Using key with passphrase.");
                                var sshkey = new PrivateKeyFile(File.OpenRead(@fullPath), _credential.GetNetworkCredential().Password);

                                if (_proxycredential.UserName == "")
                                {
                                    connectionInfo = new PrivateKeyConnectionInfo(computer,
                                                                                  _port,
                                                                                  _credential.GetNetworkCredential().UserName,
                                                                                  ptype,
                                                                                  _proxyserver,
                                                                                  _proxyport,
                                                                                  sshkey);
                                }
                                else
                                {
                                    connectionInfo = new PrivateKeyConnectionInfo(computer,
                                                                                  _port,
                                                                                  _credential.GetNetworkCredential().UserName,
                                                                                  ptype,
                                                                                  _proxyserver,
                                                                                  _proxyport,
                                                                                  _proxycredential.GetNetworkCredential().UserName,
                                                                                  _proxycredential.GetNetworkCredential().Password,
                                                                                  sshkey);
                                }
                            }
                        }
                        else
                        {
                            WriteVerbose("Using SSH Key authentication for connection.");

                            if (_credential.GetNetworkCredential().Password == "")
                            {
                                WriteVerbose("Using key with no passphrase.");

                                var sshkey = new PrivateKeyFile(File.OpenRead(@fullPath));
                                connectionInfo = new PrivateKeyConnectionInfo(computer, _credential.GetNetworkCredential().UserName, sshkey);
                            }
                            else
                            {
                                WriteVerbose("Using key with passphrase.");

                                var sshkey = new PrivateKeyFile(File.OpenRead(@fullPath), _credential.GetNetworkCredential().Password);
                                connectionInfo = new PrivateKeyConnectionInfo(computer, _credential.GetNetworkCredential().UserName, sshkey);
                            }
                        }

                        //Ceate instance of SSH Client with connection info
                        var client = new SshClient(connectionInfo);

                        // Handle host key
                        string computer1 = computer;
                        client.HostKeyReceived += delegate(object sender, HostKeyEventArgs e)
                        {
                            var sb = new StringBuilder();

                            foreach (var b in e.FingerPrint)
                            {
                                sb.AppendFormat("{0:x}:", b);
                            }

                            string fingerPrint = sb.ToString().Remove(sb.ToString().Length - 1);

                            if (_sshHostKeys.ContainsKey(computer1))
                            {
                                if (_sshHostKeys[computer1] == fingerPrint)
                                {
                                    //WriteVerbose("Fingerprint matched trusted fingerpring for host " + computer);

                                    e.CanTrust = true;
                                }
                                else
                                {
                                    throw new System.Security.SecurityException("SSH fingerprint mistmatch for host " + computer1);
                                }
                            }
                            else
                            {
                                int choice;
                                if (_acceptkey)
                                {
                                    choice = 0;
                                }
                                else
                                {
                                    var choices = new Collection <ChoiceDescription>
                                    {
                                        new ChoiceDescription("Y"),
                                        new ChoiceDescription("N")
                                    };

                                    choice = Host.UI.PromptForChoice("Server SSH Fingerprint", "Do you want to trust the fingerprint " + fingerPrint, choices, 1);
                                }
                                if (choice == 0)
                                {
                                    var keymng = new TrustedKeyManagement();

                                    //WriteVerbose("Saving fingerprint " + fingerPrint + " for host " + computer);
                                    keymng.SetKey(computer1, fingerPrint);
                                    e.CanTrust = true;
                                }
                                else
                                {
                                    e.CanTrust = false;
                                }
                            }
                        };

                        // Set the connection timeout
                        client.ConnectionInfo.Timeout = TimeSpan.FromSeconds(_connectiontimeout);

                        // Set Keepalive for connections
                        client.KeepAliveInterval = TimeSpan.FromSeconds(_keepaliveinterval);

                        // Connect to  host using Connection info
                        client.Connect();
                        WriteObject(SSHModuleHelper.AddToSSHSessionCollection(client, SessionState), true);
                    }
                }
                else
                {
                    throw new FileNotFoundException("Key file " + fullPath + " was not found.");
                }
            }
        }