Skip site navigation (1) Skip section navigation (2)

Re: SSH Tunneling implementation

From: Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com>
To: Dave Page <dpage(at)pgadmin(dot)org>
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org>
Subject: Re: SSH Tunneling implementation
Date: 2012-07-09 09:10:18
Message-ID: CANxoLDcC_uYCL+4wPoM4it-kZ6Cijnr+VUS-mNkjyQMBGpVMUQ@mail.gmail.com (view raw or flat)
Thread:
Lists: pgadmin-hackers
On Fri, Jul 6, 2012 at 8:04 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:

> On Fri, Jul 6, 2012 at 3:31 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
> > On Fri, Jul 6, 2012 at 3:29 PM, Magnus Hagander <magnus(at)hagander(dot)net>
> wrote:
> >> On Fri, Jul 6, 2012 at 4:26 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
> >>> Hi
> >>>
> >>> On Thu, Jul 5, 2012 at 2:07 PM, Akshay Joshi
> >>> <akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
> >>>> Hi All
> >>>>
> >>>> I have implemented SSH tunneling using libssh2 library and added the
> logic
> >>>> into pgAdmin3. With current implementation SSH tunnel will be created
> using
> >>>> password as authentication mode. I'll work on the certificate based
> >>>> authentication. I have attached two patch files 1) SSHTunnel.patch 2)
> >>>> vcxproj.patch (Only for Windows).
> >>>>
> >>>> Below are the steps to build pgadmin
> >>>>
> >>>> Download libssh2 source code from http://www.libssh2.org/
> >>>>
> >>>> On Windows:-
> >>>>
> >>>> Compile libssh2 library on Windows
> >>>>
> >>>> "libssh2.dsw" file is available in win32 folder.
> >>>> Specify path of the OpenSSL's include folder in
> >>>> "Properties->C++->General->Additional Include Directories"
> >>>> Specify path of the OpenSSL and Zlib's lib folder in
> >>>> "Properties->Linker->General->Additional Library Directories"
> >>>>
> >>>> Create new environment variable LIBSSH2 and set the path of the
> libssh2
> >>>> folder.
> >>>> Compile pgAdmin3.
> >>>>
> >>>> On Linux:-
> >>>>
> >>>> To compile libssh2 run ./configure, make and make install.
> >>>> Compile pgAdmin3.
> >>>
> >>> OK, a few issues when testing on Mac:
> >>
> >> I haven't actually tested it, but I have a question based on the
> >> review by dave :-)
> >>
> >>> - The Certificate/Password options should align with the text boxes,
> >>> and have a title. Eg.
> >>>
> >>> Authentication            (*) Password     ( ) Certificate
> >>
> >> Is that actually certificate authentication? Is it not ssh public key
> >> authentication?
> >
> > Good point. Yes it is.
>
> Gargh, hit Send too soon.
>
> So, following on:
>
> - s/Certificate/Public key
>
> - Does the user really need to specify the public key as well as the
> private key? Normally just the private key is use at the client, and
> the public key at the server.
>

   We are using following API for successful authentication using public key

   libssh2_userauth_publickey_fromfile(LIBSSH2_SESSION *session,   const
char *username,   const char *publickey,   const char *privatekey,
   const char *passphrase);

   So in this case we will require both public and private key. We can do
one thing here is only get the private key from user and assume public key
   file (.pub) is at the same folder location. Thoughts? Comments?

>
> --
> Dave Page
> Blog: http://pgsnake.blogspot.com
> Twitter: @pgsnake
>
> EnterpriseDB UK: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>



-- 
*Akshay Joshi
Senior Software Engineer
EnterpriseDB Corporation
The Enterprise PostgreSQL Company
Phone: +91 20-3058-9522
Mobile: +91 976-788-8246*

In response to

Responses

pgadmin-hackers by date

Next:From: Dave PageDate: 2012-07-09 09:15:11
Subject: Re: SSH Tunneling implementation
Previous:From: Dave PageDate: 2012-07-08 19:46:27
Subject: Re: SSH Tunneling implementation

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group