MCPcopy Index your code
hub / github.com/tailscale/tailscale / ExampleServerConfig_AddHostKey

Function ExampleServerConfig_AddHostKey

tempfork/sshtest/ssh/example_test.go:157–185  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

155}
156
157func ExampleServerConfig_AddHostKey() {
158 // Minimal ServerConfig supporting only password authentication.
159 config := &ssh.ServerConfig{
160 PasswordCallback: func(c ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) {
161 // Should use constant-time compare (or better, salt+hash) in
162 // a production setting.
163 if c.User() == "testuser" && string(pass) == "tiger" {
164 return nil, nil
165 }
166 return nil, fmt.Errorf("password rejected for %q", c.User())
167 },
168 }
169
170 privateBytes, err := os.ReadFile("id_rsa")
171 if err != nil {
172 log.Fatal("Failed to load private key: ", err)
173 }
174
175 private, err := ssh.ParsePrivateKey(privateBytes)
176 if err != nil {
177 log.Fatal("Failed to parse private key: ", err)
178 }
179 // Restrict host key algorithms to disable ssh-rsa.
180 signer, err := ssh.NewSignerWithAlgorithms(private.(ssh.AlgorithmSigner), []string{ssh.KeyAlgoRSASHA256, ssh.KeyAlgoRSASHA512})
181 if err != nil {
182 log.Fatal("Failed to create private key with restricted algorithms: ", err)
183 }
184 config.AddHostKey(signer)
185}
186
187func ExampleClientConfig_HostKeyCallback() {
188 // Every client must provide a host key check. Here is a

Callers

nothing calls this directly

Calls 5

AddHostKeyMethod · 0.95
UserMethod · 0.65
ErrorfMethod · 0.65
ReadFileMethod · 0.65
FatalMethod · 0.65

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…