protected override void BeginProcessing() { // Collect host/fingerprint information from the registry. base.BeginProcessing(); var keymng = new TrustedKeyManagement(); _sshHostKeys = keymng.GetKeys(); }
protected override void ProcessRecord() { if (_keyfile.Equals("")) { //Username authentication //found a problem where domain name wasn't passed when using the format of {domain}\{username} //So, if the domain exists, prefix it properly //If using {username}@{domain}, this is not an issue string _UserNameMod = ""; if (_credential.GetNetworkCredential().Domain.Length > 0) { _UserNameMod = _credential.GetNetworkCredential().Domain + "\\" + _credential.GetNetworkCredential().UserName; } else { _UserNameMod = _credential.GetNetworkCredential().UserName; } var kIconnectInfo = new KeyboardInteractiveAuthenticationMethod(_UserNameMod); foreach (var computer in _computername) { ConnectionInfo connectInfo; if (_proxyserver != "") { // Set the proper proxy type var ptype = ProxyTypes.Http; //WriteVerbose("A Proxy Server has been specified"); switch (_proxytype) { case "HTTP": ptype = ProxyTypes.Http; break; case "Socks4": ptype = ProxyTypes.Socks4; break; case "Socks5": ptype = ProxyTypes.Socks5; break; } var passconnectInfo = new PasswordAuthenticationMethod(_UserNameMod, _credential.GetNetworkCredential().Password); WriteVerbose("Connecting to " + computer + " with user " + _UserNameMod); connectInfo = new ConnectionInfo(computer, _port, _credential.GetNetworkCredential().UserName, ptype, _proxyserver, _proxyport, _proxycredential.GetNetworkCredential().UserName, _proxycredential.GetNetworkCredential().Password, kIconnectInfo, passconnectInfo); } else { // Connection info for Keyboard Interactive var passconnectInfo = new PasswordAuthenticationMethod(_UserNameMod, _credential.GetNetworkCredential().Password); connectInfo = new ConnectionInfo(computer, _port, _UserNameMod, passconnectInfo, kIconnectInfo); } // Event Handler for interactive Authentication kIconnectInfo.AuthenticationPrompt += delegate(object sender, AuthenticationPromptEventArgs e) { foreach (var prompt in e.Prompts) { if (prompt.Request.Contains("Password")) { prompt.Response = _credential.GetNetworkCredential().Password; } } }; //Ceate instance of SSH Client with connection info var client = new SshClient(connectInfo); // Handle host key string computer1 = computer; client.HostKeyReceived += delegate(object sender, HostKeyEventArgs e) { var sb = new StringBuilder(); foreach (var b in e.FingerPrint) { sb.AppendFormat("{0:x}:", b); } string fingerPrint = sb.ToString().Remove(sb.ToString().Length - 1); //WriteVerbose("Key algorithm of " + client.ConnectionInfo.CurrentHostKeyAlgorithm); //WriteVerbose("Key exchange alhorithm " + client.ConnectionInfo.CurrentKeyExchangeAlgorithm); //WriteVerbose("Host key fingerprint: " + fingerPrint); if (_sshHostKeys.ContainsKey(computer1)) { if (_sshHostKeys[computer1] == fingerPrint) { //WriteVerbose("Fingerprint matched trusted fingerpring for host " + computer); e.CanTrust = true; } else { throw new System.Security.SecurityException("SSH fingerprint mistmatch for host " + computer1); } } else { int choice; if (_acceptkey) { choice = 0; } else { var choices = new Collection <ChoiceDescription> { new ChoiceDescription("Y"), new ChoiceDescription("N") }; choice = Host.UI.PromptForChoice("Server SSH Fingerprint", "Do you want to trust the fingerprint " + fingerPrint, choices, 1); } if (choice == 0) { var keymng = new TrustedKeyManagement(); //WriteVerbose("Saving fingerprint " + fingerPrint + " for host " + computer); keymng.SetKey(computer1, fingerPrint); e.CanTrust = true; } else { e.CanTrust = false; } } }; // Set the connection timeout client.ConnectionInfo.Timeout = TimeSpan.FromSeconds(_connectiontimeout); // Set Keepalive for connections client.KeepAliveInterval = TimeSpan.FromSeconds(_keepaliveinterval); // Connect to host using Connection info //WriteVerbose("Connecting to " + computer + " with user " + _UserNameMod); client.Connect(); WriteObject(SSHModuleHelper.AddToSSHSessionCollection(client, SessionState), true); } } else { //Use SSH Key for authentication WriteVerbose("Using SSH Key authentication for connection."); var fullPath = Path.GetFullPath(_keyfile); if (File.Exists(fullPath)) { foreach (var computer in _computername) { PrivateKeyConnectionInfo connectionInfo; if (_proxyserver != "") { // Set the proper proxy type var ptype = ProxyTypes.Http; //WriteVerbose("A Proxy Server has been specified"); switch (_proxytype) { case "HTTP": ptype = ProxyTypes.Http; break; case "Socks4": ptype = ProxyTypes.Socks4; break; case "Socks5": ptype = ProxyTypes.Socks5; break; } if (_credential.GetNetworkCredential().Password == "") { WriteVerbose("Using key with no passphrase."); var sshkey = new PrivateKeyFile(File.OpenRead(@fullPath)); connectionInfo = new PrivateKeyConnectionInfo(computer, _port, _credential.GetNetworkCredential().UserName, sshkey); } else { WriteVerbose("Using key with passphrase."); var sshkey = new PrivateKeyFile(File.OpenRead(@fullPath), _credential.GetNetworkCredential().Password); if (_proxycredential.UserName == "") { connectionInfo = new PrivateKeyConnectionInfo(computer, _port, _credential.GetNetworkCredential().UserName, ptype, _proxyserver, _proxyport, sshkey); } else { connectionInfo = new PrivateKeyConnectionInfo(computer, _port, _credential.GetNetworkCredential().UserName, ptype, _proxyserver, _proxyport, _proxycredential.GetNetworkCredential().UserName, _proxycredential.GetNetworkCredential().Password, sshkey); } } } else { WriteVerbose("Using SSH Key authentication for connection."); if (_credential.GetNetworkCredential().Password == "") { WriteVerbose("Using key with no passphrase."); var sshkey = new PrivateKeyFile(File.OpenRead(@fullPath)); connectionInfo = new PrivateKeyConnectionInfo(computer, _credential.GetNetworkCredential().UserName, sshkey); } else { WriteVerbose("Using key with passphrase."); var sshkey = new PrivateKeyFile(File.OpenRead(@fullPath), _credential.GetNetworkCredential().Password); connectionInfo = new PrivateKeyConnectionInfo(computer, _credential.GetNetworkCredential().UserName, sshkey); } } //Ceate instance of SSH Client with connection info var client = new SshClient(connectionInfo); // Handle host key string computer1 = computer; client.HostKeyReceived += delegate(object sender, HostKeyEventArgs e) { var sb = new StringBuilder(); foreach (var b in e.FingerPrint) { sb.AppendFormat("{0:x}:", b); } string fingerPrint = sb.ToString().Remove(sb.ToString().Length - 1); if (_sshHostKeys.ContainsKey(computer1)) { if (_sshHostKeys[computer1] == fingerPrint) { //WriteVerbose("Fingerprint matched trusted fingerpring for host " + computer); e.CanTrust = true; } else { throw new System.Security.SecurityException("SSH fingerprint mistmatch for host " + computer1); } } else { int choice; if (_acceptkey) { choice = 0; } else { var choices = new Collection <ChoiceDescription> { new ChoiceDescription("Y"), new ChoiceDescription("N") }; choice = Host.UI.PromptForChoice("Server SSH Fingerprint", "Do you want to trust the fingerprint " + fingerPrint, choices, 1); } if (choice == 0) { var keymng = new TrustedKeyManagement(); //WriteVerbose("Saving fingerprint " + fingerPrint + " for host " + computer); keymng.SetKey(computer1, fingerPrint); e.CanTrust = true; } else { e.CanTrust = false; } } }; // Set the connection timeout client.ConnectionInfo.Timeout = TimeSpan.FromSeconds(_connectiontimeout); // Set Keepalive for connections client.KeepAliveInterval = TimeSpan.FromSeconds(_keepaliveinterval); // Connect to host using Connection info client.Connect(); WriteObject(SSHModuleHelper.AddToSSHSessionCollection(client, SessionState), true); } } else { throw new FileNotFoundException("Key file " + fullPath + " was not found."); } } }