ssh proxy server to intercept ssh
Project description
ssh-proxy-server - intercept ssh traffic
ssh-proxy-server
is a python library and command line utility to intercept ssh traffic.
At this time, only ssh (terminal) and scp filetransfers are supported.
:warning: do not use this library in production environments! This tool is only for security audits!
Installation
pip install ssh-proxy-server
Start Proxy Server
Password authentication
Start the server:
ssh-proxy-server
Connect to server:
ssh -p 10022 user@remotehost@proxyserver
Public key authentication
When public key authentication is used, the agent is forwarded to the remote server.
Start the server:
ssh-proxy-server --forward-agent
Connect to server:
ssh -A -p 10022 user@remotehost@proxyserver
Available module
The proxy can be configured and extended using command line arguments.
Some arguments accept Python-class names as string.
Loading a class from a package:
ssh-proxy-server --ssh-interface ssh_proxy_server.forwarders.ssh.SSHForwarder
:warning: creating a pip package for custom classes is recommended, because loading from files has some bugs at the moment
Loading a class from a file (experimental):
ssh-proxy-server --ssh-interface /path/to/my/file.py:ExtendedSSHForwarder
SSH interface
- cmd argument:
--ssh-interface
- base class:
ssh_proxy_server.forwarders.ssh.SSHBaseForwarder
- default:
ssh_proxy_server.forwarders.ssh.SSHForwarder
Available forwarders:
ssh_proxy_server.forwarders.ssh.SSHForwarder
- forwards traffic from client to remote serverssh_proxy_server.forwarders.ssh.SSHLogForwarder
- write the session to a file, which can be replayed withscript
ssh_proxy_server.forwarders.ssh.NoShellForwarder
- keeps the session open, when used as master channel, but tty should not be possible to the remote server
SCP interface
- cmd argument:
--scp-interface
- base class:
ssh_proxy_server.forwarders.scp.SCPBaseForwarder
- default:
ssh_proxy_server.forwarders.scp.SCPForwarder
Available forwarders:
ssh_proxy_server.forwarders.scp.SCPForwarder
- transfer file between client and serverssh_proxy_server.forwarders.scp.SCPStorageForwarder
- save file to file system
Authentication:
- cmd argument:
--authenticator
- base class:
ssh_proxy_server.authentication.Authenticator
- default:
ssh_proxy_server.authentication.AuthenticatorPassThrough
Available Authenticators:
ssh_proxy_server.authentication.AuthenticatorPassThrough
- default authenticator, which can reuse credentials
Currently, only one authenticator (AuthenticatorPassThrough) exists, but it supports arguments to specify remote host, username and password, which shlould fit most scenarios. (public keys are on the roadmap)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for ssh_proxy_server-0.1.4-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 96ae9491255dd35bf42326d3cf3e51cdce63496e92cd39449b693a7f45d7f87e |
|
MD5 | a9cd8c5cc7038715c057a274411e38c8 |
|
BLAKE2b-256 | 584abef3adcfad97fcdd30cc017dbabfaab64e29b61b58ea4cdb41af15623554 |