Re: SSH Tunneling implementation - Mailing list pgadmin-hackers
| From | Akshay Joshi |
|---|---|
| Subject | Re: SSH Tunneling implementation |
| Date | |
| Msg-id | CANxoLDcC_uYCL+4wPoM4it-kZ6Cijnr+VUS-mNkjyQMBGpVMUQ@mail.gmail.com Whole thread Raw |
| In response to | Re: SSH Tunneling implementation (Dave Page <dpage@pgadmin.org>) |
| Responses |
Re: SSH Tunneling implementation
|
| List | pgadmin-hackers |
On Fri, Jul 6, 2012 at 8:04 PM, Dave Page <dpage@pgadmin.org> wrote:
Gargh, hit Send too soon.On Fri, Jul 6, 2012 at 3:31 PM, Dave Page <dpage@pgadmin.org> wrote:
> On Fri, Jul 6, 2012 at 3:29 PM, Magnus Hagander <magnus@hagander.net> wrote:
>> On Fri, Jul 6, 2012 at 4:26 PM, Dave Page <dpage@pgadmin.org> wrote:
>>> Hi
>>>
>>> On Thu, Jul 5, 2012 at 2:07 PM, Akshay Joshi
>>> <akshay.joshi@enterprisedb.com> wrote:
>>>> Hi All
>>>>
>>>> I have implemented SSH tunneling using libssh2 library and added the logic
>>>> into pgAdmin3. With current implementation SSH tunnel will be created using
>>>> password as authentication mode. I'll work on the certificate based
>>>> authentication. I have attached two patch files 1) SSHTunnel.patch 2)
>>>> vcxproj.patch (Only for Windows).
>>>>
>>>> Below are the steps to build pgadmin
>>>>
>>>> Download libssh2 source code from http://www.libssh2.org/
>>>>
>>>> On Windows:-
>>>>
>>>> Compile libssh2 library on Windows
>>>>
>>>> "libssh2.dsw" file is available in win32 folder.
>>>> Specify path of the OpenSSL's include folder in
>>>> "Properties->C++->General->Additional Include Directories"
>>>> Specify path of the OpenSSL and Zlib's lib folder in
>>>> "Properties->Linker->General->Additional Library Directories"
>>>>
>>>> Create new environment variable LIBSSH2 and set the path of the libssh2
>>>> folder.
>>>> Compile pgAdmin3.
>>>>
>>>> On Linux:-
>>>>
>>>> To compile libssh2 run ./configure, make and make install.
>>>> Compile pgAdmin3.
>>>
>>> OK, a few issues when testing on Mac:
>>
>> I haven't actually tested it, but I have a question based on the
>> review by dave :-)
>>
>>> - The Certificate/Password options should align with the text boxes,
>>> and have a title. Eg.
>>>
>>> Authentication (*) Password ( ) Certificate
>>
>> Is that actually certificate authentication? Is it not ssh public key
>> authentication?
>
> Good point. Yes it is.
So, following on:
- s/Certificate/Public key
- Does the user really need to specify the public key as well as the
private key? Normally just the private key is use at the client, and
the public key at the server.
We are using following API for successful authentication using public key
libssh2_userauth_publickey_fromfile(LIBSSH2_SESSION *session, const char *username, const char *publickey, const char *privatekey,
const char *passphrase);
So in this case we will require both public and private key. We can do one thing here is only get the private key from user and assume public key
file (.pub) is at the same folder location. Thoughts? Comments?
--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
Akshay Joshi
Senior Software Engineer
EnterpriseDB Corporation
The Enterprise PostgreSQL Company
Phone: +91 20-3058-9522
Mobile: +91 976-788-8246
Senior Software Engineer
EnterpriseDB Corporation
The Enterprise PostgreSQL Company
Phone: +91 20-3058-9522
Mobile: +91 976-788-8246
pgadmin-hackers by date: