[HN Gopher] Warpgate: Smart SSH bastion that works with any SSH ...
___________________________________________________________________
Warpgate: Smart SSH bastion that works with any SSH client
Author : todsacerdoti
Score : 52 points
Date : 2022-04-17 17:11 UTC (5 hours ago)
(HTM) web link (github.com)
| oauea wrote:
| Nice to see this! There are surprisingly few solutions that
| support SSH session recording.
| traceroute66 wrote:
| hmmm... it might be written in Rust, but I'd still rather use an
| instance of good-old OpenSSH as a suitably configured bastion
| host.
|
| OpenSSH has been battle-tested to death and comes from a good
| stable (OpenBSD, LibreSSL).
|
| I'm very wary indeed of re-implementations of SSH servers.
| jffry wrote:
| I think this is fulfilling a slightly different niche - further
| down in the README it talks specifically about opening a
| separate connection to the host and recording the session for
| audit purposes.
|
| Which offers a little more than a simple SSH bastion would,
| unless there are features like this in OpenSSH I'm not aware
| of.
| likeabbas wrote:
| Personally, I'm wary of software written in languages without
| memory safety that are more likely to have long-lived exploits
| only known to certain government authorities.
| VWWHFSfQ wrote:
| Just because the OP didn't use unsafe {} anywhere in their
| code doesn't mean it's not used in any dependencies. Just
| glancing at some of the deps I can already see there is a lot
| of unsafe usage deep down that is "wrapped" in safe
| interfaces. Rust is not some kind of silver bullet for
| safety. It just makes it more explicit.
|
| Also, I'm less concerned about the memory safety than the
| _complete reimplementation of SSH_ from scratch. So give me
| OpenSSH any day for things that are actually important.
| adontz wrote:
| I believe this is Privileged Access Management (PAM) product.
| antoniomika wrote:
| At a previous role I made something similar [0] in Golang, but
| used SSH certificates to manage authentication. This had the
| added benefit of logging the user connection information in each
| server's auth.log based on the generated private key and signed
| (but short lived) certificate used for auth in the session. At
| one point I had changes that would sign certificates from Vault
| [1] directly.
|
| I had it so that a user needed to login to the service with their
| GSuite account every 24H, and each login required 2fa as well.
| SSH sessions were recorded in asciicast format (which seems to be
| used here as well) and there was an audit log to track
| connections. They could be joined in real time and disconnected
| from a simple admin interface. The ACL system was a pretty basic
| method of using regex for defining auth rules.
|
| Worked pretty well and helped with compliance audits we were
| completing at the time. I think the benefits here of being in
| Rust are definitely performance and memory safety. Granted, the Go
| implementation was pretty fast and safe as well. Go made it
| pretty easy to implement due to the SSH implementation in the
| standard library.
|
| [0] https://github.com/notion/bastion
|
| [1] https://www.vaultproject.io/docs/secrets/ssh/signed-ssh-
| cert...
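The comment above describes recording bastion sessions in asciicast format (the asciinema format, which Warpgate's README also mentions). As an added example, not code from Warpgate or from the notion/bastion project, here is a small Python recorder that writes asciicast v2 as traffic flows through a proxied session, plus a strict parser an auditor could run over stored recordings. The format facts are public (a JSON header line with "version": 2, then one JSON array per event of the form [elapsed_seconds, "o" | "i", data]); the class and function names and the sample session are constructed for illustration.

```python
"""Record an SSH session to asciicast v2 and read it back for audit.

Added example, not Warpgate's or notion/bastion's own code. Only the
asciicast v2 layout is taken from the public format description; the
names below and the sample session are constructed for illustration.
"""
import io
import json
import time
from typing import Iterable, List, Optional, TextIO, Tuple

Event = Tuple[float, str, str]  # (seconds since start, "o" or "i", data)


class AsciicastRecorder:
    """Stream terminal traffic into an asciicast v2 file as it happens."""

    def __init__(self, out: TextIO, width: int = 80, height: int = 24,
                 title: str = "", started_at: Optional[float] = None) -> None:
        self._out = out
        self._t0 = time.time() if started_at is None else started_at
        header = {"version": 2, "width": width, "height": height,
                  "timestamp": int(self._t0)}
        if title:
            header["title"] = title
        self._out.write(json.dumps(header) + "\n")

    def record(self, kind: str, data: str, at: Optional[float] = None) -> None:
        """Append one event; "o" is what the server sent, "i" what the user typed."""
        if kind not in ("o", "i"):
            raise ValueError(f"unknown asciicast event type {kind!r}")
        elapsed = (time.time() if at is None else at) - self._t0
        self._out.write(json.dumps([round(elapsed, 6), kind, data]) + "\n")
        self._out.flush()  # an audit record is only useful if it survives a crash


def parse_asciicast(text: str) -> Tuple[dict, List[Event]]:
    """Parse asciicast v2 strictly, rejecting malformed or out-of-order events."""
    lines = text.splitlines()
    if not lines:
        raise ValueError("empty recording")
    header = json.loads(lines[0])
    if not isinstance(header, dict) or header.get("version") != 2:
        raise ValueError("not an asciicast v2 header")
    events: List[Event] = []
    last = 0.0
    for n, line in enumerate(lines[1:], start=2):
        if not line.strip():
            continue
        ev = json.loads(line)
        if (not isinstance(ev, list) or len(ev) != 3
                or not isinstance(ev[0], (int, float))
                or ev[1] not in ("o", "i") or not isinstance(ev[2], str)):
            raise ValueError(f"line {n}: malformed event {line!r}")
        if ev[0] < last:
            raise ValueError(f"line {n}: timestamps must be non-decreasing")
        last = float(ev[0])
        events.append((last, ev[1], ev[2]))
    return header, events


def replay_output(events: Iterable[Event]) -> str:
    """What the user saw on screen: all output events concatenated."""
    return "".join(data for _, kind, data in events if kind == "o")


def typed_input(events: Iterable[Event]) -> str:
    """What the user actually typed, independent of terminal echo."""
    return "".join(data for _, kind, data in events if kind == "i")


def demo_recording() -> str:
    """Constructed sample session: one user runs one command via the bastion."""
    buf = io.StringIO()
    t = 1_650_000_000.0  # fixed start time so the recording is reproducible
    rec = AsciicastRecorder(buf, title="alice@web-01 via bastion", started_at=t)
    rec.record("o", "alice@web-01:~$ ", at=t)
    for i, ch in enumerate("id\r"):          # keystrokes arrive one at a time
        rec.record("i", ch, at=t + 0.5 + 0.1 * i)
    rec.record("o", "id\r\nuid=1000(alice) gid=1000(alice)\r\n", at=t + 0.9)
    return buf.getvalue()


if __name__ == "__main__":
    header, events = parse_asciicast(demo_recording())
    print(header["title"], len(events), "events")
    print(replay_output(events))
```

Recording input ("i") separately from output ("o") is what makes the log useful for review: a command hidden by terminal tricks still appears in the typed stream, while the output stream shows exactly what the user saw.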
| tomohawk wrote:
| > You'll need nightly Rust (will be installed automatically),
| NodeJS and Yarn
|
| Is Rust unable to provide a suitable back end? The need for Node
| seems off-putting.
| oauea wrote:
| That's just for building the frontend: https://github.com/warp-
| tech/warpgate/tree/main/warpgate-adm...
|
| Not used or needed at runtime
| jitl wrote:
| Very reminiscent of the Teleport access proxy, which started out
| as an SSH proxy but now also supports a bunch of other protocols:
| https://github.com/gravitational/teleport
___________________________________________________________________
(page generated 2022-04-17 23:00 UTC)