From 770df7122ead1e290a75f88b3ff88794f4cfc434 Mon Sep 17 00:00:00 2001 From: Feng_Qi Date: Fri, 11 Feb 2022 15:26:40 +0800 Subject: [PATCH] VERSION 0.4.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 支持在 sshHost 中配置 ciphers 和 keyExchanges 参数,以更好的适配不同的服务器环境 --- funcs/sshconnect.go | 32 ++++++++++++++++---------------- g/cfg.go | 17 ++++++++++++----- g/const.go | 2 +- main.go | 13 ++++++++++--- 4 files changed, 39 insertions(+), 25 deletions(-) diff --git a/funcs/sshconnect.go b/funcs/sshconnect.go index 403c802..fd8f359 100644 --- a/funcs/sshconnect.go +++ b/funcs/sshconnect.go @@ -14,7 +14,7 @@ import ( "golang.org/x/crypto/ssh" ) -func connect(user, password, host, key string, port int, cipherList []string) (*ssh.Session, error) { +func connect(user, password, host, key string, port int, cipherList, keyExchangeList []string) (*ssh.Session, error) { var ( auth []ssh.AuthMethod addr string @@ -45,16 +45,16 @@ func connect(user, password, host, key string, port int, cipherList []string) (* } auth = append(auth, ssh.PublicKeys(signer)) } - if len(cipherList) == 0 { - config = ssh.Config{ - Ciphers: []string{"aes128-ctr", "aes192-ctr", "aes256-ctr", "aes128-gcm@openssh.com", "arcfour256", "arcfour128", "aes128-cbc", "3des-cbc", "aes192-cbc", "aes256-cbc"}, - KeyExchanges: []string{"diffie-hellman-group-exchange-sha1", "diffie-hellman-group1-sha1", "diffie-hellman-group-exchange-sha256"}, - } + config.Ciphers = []string{"aes128-ctr", "aes192-ctr", "aes256-ctr", "aes128-gcm@openssh.com", "arcfour256", "arcfour128", "aes128-cbc", "3des-cbc", "aes192-cbc", "aes256-cbc"} } else { - config = ssh.Config{ - Ciphers: cipherList, - } + config.Ciphers = cipherList + } + + if len(keyExchangeList) == 0 { + config.KeyExchanges = []string{"diffie-hellman-group-exchange-sha1", "diffie-hellman-group1-sha1", "diffie-hellman-group-exchange-sha256"} + } else { + config.KeyExchanges = keyExchangeList } clientConfig = &ssh.ClientConfig{ 
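Review bot: The new `len(keyExchangeList) == 0` fallback in connect pins `config.KeyExchanges` to three legacy Diffie-Hellman methods, with the two SHA-1 based ones listed first, and it now applies even when the caller supplied its own cipher list; before this change that path left KeyExchanges unset, so golang.org/x/crypto/ssh used its own default set. A run with `-ciphers` but no `-keyexchanges` therefore moves from the library defaults to a list headed by `diffie-hellman-group-exchange-sha1` and `diffie-hellman-group1-sha1`, and a server that offers only curve25519 or ECDH key exchange will no longer negotiate. I would override only when a list was given, `if len(keyExchangeList) > 0 { config.KeyExchanges = keyExchangeList }`, and make the legacy methods an explicit opt-in with the SHA-256 method ahead of the SHA-1 ones. The cipher fallback has the same problem, since it still offers `arcfour256`, `arcfour128` and `3des-cbc`. connect's body continues outside the hunk.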
@@ -92,12 +92,12 @@ func connect(user, password, host, key string, port int, cipherList []string) (*
 return session, nil
 }
-func Dossh(username, password, host, key string, cmdlist []string, port, timeout int, cipherList []string, linuxMode bool, ch chan g.SSHResult) {
+func Dossh(username, password, host, key string, cmdlist []string, port, timeout int, cipherList, keyExchangeList []string, linuxMode bool, ch chan g.SSHResult) {
 chSSH := make(chan g.SSHResult)
 if linuxMode {
- go dossh_run(username, password, host, key, cmdlist, port, cipherList, chSSH)
+ go dossh_run(username, password, host, key, cmdlist, port, cipherList, keyExchangeList, chSSH)
 } else {
- go dossh_session(username, password, host, key, cmdlist, port, cipherList, chSSH)
+ go dossh_session(username, password, host, key, cmdlist, port, cipherList, keyExchangeList, chSSH)
 }
 var res g.SSHResult
@@ -113,8 +113,8 @@ func Dossh(username, password, host, key string, cmdlist []string, port, timeout
 return
 }
-func dossh_session(username, password, host, key string, cmdlist []string, port int, cipherList []string, ch chan g.SSHResult) {
- session, err := connect(username, password, host, key, port, cipherList)
+func dossh_session(username, password, host, key string, cmdlist []string, port int, cipherList, keyExchangeList []string, ch chan g.SSHResult) {
+ session, err := connect(username, password, host, key, port, cipherList, keyExchangeList)
 var sshResult g.SSHResult
 sshResult.Host = host
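Review bot: Dossh now takes eleven positional parameters, with `cipherList, keyExchangeList []string` adjacent and of the same type, so a call that swaps the two compiles cleanly and would most likely only show up as a failed handshake; the same growth is repeated in dossh_session in the next hunk and in dossh_run. main.go already holds a `g.SSHHost` per target, so passing that value plus one small struct for the algorithm lists would remove the ordering hazard and keep the password and key out of long argument lists. If the signatures stay, a doc comment such as `// Dossh runs cmdlist on host; an empty cipherList or keyExchangeList selects the built-in defaults.` would at least record the contract. Dossh's body continues outside the hunk.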
@@ -159,8 +159,8 @@ func dossh_session(username, password, host, key string, cmdlist []string, port return } -func dossh_run(username, password, host, key string, cmdlist []string, port int, cipherList []string, ch chan g.SSHResult) { - session, err := connect(username, password, host, key, port, cipherList) +func dossh_run(username, password, host, key string, cmdlist []string, port int, cipherList, keyExchangeList []string, ch chan g.SSHResult) { + session, err := connect(username, password, host, key, port, cipherList, keyExchangeList) var sshResult g.SSHResult sshResult.Host = host diff --git a/g/cfg.go b/g/cfg.go index b3a3a32..cfe81be 100644 --- a/g/cfg.go +++ b/g/cfg.go @@ -27,6 +27,12 @@ type SSHHost struct { type HostJson struct { SshHosts []SSHHost + Global GlobalConfig +} + +type GlobalConfig struct { + Ciphers string + KeyExchanges string } type SSHResult struct { @@ -36,6 +42,9 @@ type SSHResult struct { } func SplitString(str string) (strList []string) { + if str == "" { + return + } if strings.Contains(str, ",") { strList = strings.Split(str, ",") } else { @@ -72,20 +81,18 @@ func Getfile(filePath string) ([]string, error) { } //gu -func GetJsonFile(filePath string) ([]SSHHost, error) { - result := []SSHHost{} +func GetJsonFile(filePath string) (HostJson, error) { + var result HostJson b, err := ioutil.ReadFile(filePath) if err != nil { log.Println("read file ", filePath, err) return result, err } - var m HostJson - err = json.Unmarshal(b, &m) + err = json.Unmarshal(b, &result) if err != nil { log.Println("read file ", filePath, err) return result, err } - result = m.SshHosts return result, nil } func WriteIntoTxt(sshResult SSHResult, locate string) error { diff --git a/g/const.go b/g/const.go index 43aee6a..9e9db32 100644 --- a/g/const.go +++ b/g/const.go @@ -9,5 +9,5 @@ package g // json Unmarshal with error // 0.2.3 const ( - VERSION = "0.3.0" + VERSION = "0.4.0" ) diff --git a/main.go b/main.go index 439e461..7b7693f 100644 --- a/main.go 
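Review bot: SplitString returns the pieces of `strings.Split(str, ",")` untrimmed, and with this commit its output feeds `config.Ciphers` and `config.KeyExchanges` from the JSON file, where `"aes256-ctr, aes128-ctr"` is a natural way to write the value. The second element then carries a leading space and will not match any algorithm name, and a trailing comma yields an empty entry. Trimming and dropping empties in the comma branch, `if s = strings.TrimSpace(s); s != "" { strList = append(strList, s) }` inside a loop over the split result, avoids both; note that the same helper also splits `Cmds`, so confirm trimming is acceptable there. The else branch of SplitString is outside the hunk.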
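Review bot: `json.Unmarshal(b, &result)` in GetJsonFile ignores keys it does not recognise, so a misspelled key under `Global` (say `KeyExchange`) loads without error and the run silently falls back to the hard-coded legacy algorithm lists in connect. Since this file now selects the transport cryptography, strict decoding is worth the few lines: `dec := json.NewDecoder(bytes.NewReader(b))`, `dec.DisallowUnknownFields()`, `err = dec.Decode(&result)` (this needs the `bytes` import). On failure the function also returns a possibly half-filled `result`; returning `HostJson{}` with the error is the safer contract. The `//gu` comment above it could become a real doc comment, `// GetJsonFile reads filePath and decodes it into a HostJson.`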
+++ b/main.go
@@ -23,6 +23,7 @@ func main() {
 key := flag.String("k", "", "ssh private key")
 port := flag.Int("port", 22, "ssh port")
 ciphers := flag.String("ciphers", "", "ciphers")
+ keyExchanges := flag.String("keyexchanges", "", "keyexchanges")
 cmdFile := flag.String("cmdfile", "", "cmdfile path")
 hostFile := flag.String("hostfile", "", "hostfile path")
 ipFile := flag.String("ipfile", "", "ipfile path")
@@ -36,7 +37,7 @@ func main() {
 flag.Parse()
- var cmdList, hostList, cipherList []string
+ var cmdList, hostList, cipherList, keyExchangeList []string
 var err error
 sshHosts := []g.SSHHost{}
@@ -88,6 +89,9 @@ func main() {
 if *ciphers != "" {
 cipherList = g.SplitString(*ciphers)
 }
+ if *keyExchanges != "" {
+ keyExchangeList = g.SplitString(*keyExchanges)
+ }
 if *cfgFile == "" {
 for _, host := range hostList {
 host_Struct.Host = host
@@ -100,11 +104,14 @@ func main() {
 sshHosts = append(sshHosts, host_Struct)
 }
 } else {
- sshHosts, err = g.GetJsonFile(*cfgFile)
+ sshHostConfig, err := g.GetJsonFile(*cfgFile)
 if err != nil {
 log.Println("load cfgFile error: ", err)
 return
 }
+ cipherList = g.SplitString(sshHostConfig.Global.Ciphers)
+ keyExchangeList = g.SplitString(sshHostConfig.Global.KeyExchanges)
+ sshHosts = sshHostConfig.SshHosts
 for i := 0; i < len(sshHosts); i++ {
 if sshHosts[i].Cmds != "" {
 sshHosts[i].CmdList = g.SplitString(sshHosts[i].Cmds)
@@ -124,7 +131,7 @@ func main() {
 startTime := time.Now()
 log.Println("Multissh start")
 limitFunc := func(chLimit chan bool, ch chan g.SSHResult, host g.SSHHost) {
- funcs.Dossh(host.Username, host.Password, host.Host, host.Key, host.CmdList, host.Port, *timeLimit, cipherList, host.LinuxMode, ch)
+ funcs.Dossh(host.Username, host.Password, host.Host, host.Key, host.CmdList, host.Port, *timeLimit, cipherList, keyExchangeList, host.LinuxMode, ch)
 <-chLimit
 }
 for i, host := range sshHosts {
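Review bot: In the `*cfgFile` branch (the `@@ -100,11 +104,14 @@` hunk), `cipherList` and `keyExchangeList` are overwritten unconditionally from `sshHostConfig.Global`, which discards whatever `-ciphers` / `-keyexchanges` parsed a few lines earlier. When the config file has no `Global` section both become empty and connect falls back to its built-in legacy lists, so an operator who restricted the algorithms on the command line gets a weaker set without any message. Assign only when the file supplies a value, `if l := g.SplitString(sshHostConfig.Global.Ciphers); len(l) > 0 { cipherList = l }` and the same for the key exchanges, or log which source won. `sshHostConfig, err := …` also declares a new `err` that shadows the one from `var err error`; it is harmless here because the branch returns on error, but a predeclared `sshHostConfig` with `=` avoids the trap. main's body continues outside the hunk.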