[Twisted-Python] SSH Server with commands filtering

Tzury Bar Yochay tzury.by at gmail.com
Thu Dec 18 08:38:55 EST 2008


Hi,
I am willing to deploy on my server an SSH daemon which I can control
what commands can be executed, and by who.
After playing with jailkit [link] I realised that implementing my own
SSH server will give me more power and scalability (especially
regarding of users, keys and accounts management).

Naturally I approached twisted knowing it will solve this problem as a
smart kiddo solves a simple safari puzzle.

Playing with samples found on the web and at Twisted docs, I realised
that twisted has everything I need for the task, but I am missing the
knowledge of how to glue it all together.

In fact, a command if not working on the first strike, works on the second try.

at http://gist.github.com/37446 I pasted the server.py code. which is
a modification of what I've found at:
http://twistedmatrix.com/projects/conch/documentation/examples/sshsimpleserver.py

for instance trying to run git over ssh yeilds error at first, and
when running again seems to be working.
below is the console output on the client side

#first attempt
tzury at regulus:~$ git clone
ssh://tzury@localhost:5022/home/tzury/devel/ice/snoip/freespeech
clone-repo7
Initialized empty Git repository in /home/tzury/clone-repo7/.git/
remote: Counting objects: 347, done.
remote: Compressing objects: 100% (232/232), done.
Receiving objects: 100% (347/347), 91.75 KiB, done.
remote: Total 347 (delta 234), reused 177 (delta 114)
fatal: The remote end hung up unexpectedly
Resolving deltas: 100% (234/234), done.
error: waitpid (async) failed
fatal: error in sideband demultiplexer

#second attempt
tzury at regulus:~$ git clone
ssh://tzury@localhost:5022/home/tzury/devel/ice/snoip/freespeech
clone-repo7
Initialized empty Git repository in /home/tzury/clone-repo7/.git/
remote: Counting objects: 347, done.
remote: Compressing objects: 100% (232/232), done.
Receiving objects: 100% (347/347), 91.75 KiB, done.
remote: Total 347 (delta 234), reused 177 (delta 114)
Resolving deltas: 100% (234/234), done.
tzury at regulus:~$



-- 
Tzury Bar Yochay




More information about the Twisted-Python mailing list