SSH commands to provide Secondary DNS self-service.

Project description

SSH Zone Handler

  • You run your own DNS server(s), providing Secondary DNS to others?
  • You want to provide your DNS tenants with a bit of debugging self-service?
  • You like SSH, but you don't want to grant people not-you full shell access?

If so, then this might just be the tool for you.

Usage

Usage example, based on a local Multipass setup.

$ make vm-create
$ alias ssh='ssh -F devel/.dynamic/ssh_conf'
$ ssh zones@szh-named help
usage: command [ZONE]

help                 Display this help message
list                 List available zones
dump ZONE            Output full content of ZONE
logs ZONE1 [ZONE2]   Output the last five days' log entries for ZONE(s)
retransfer ZONE      Trigger a full (AXFR) retransfer of ZONE
$
$ ssh zones@szh-named list
example.com
example.net
$
$ ssh zones@szh-named logs example.net
Apr 28 17:52:00 szh-named named[2821]: zone example.net/IN: Transfer started.
Apr 28 17:52:00 szh-named named[2821]: transfer of 'example.net/IN' from 192.168.63.10#53: connected using 192.168.63.10#53
Apr 28 17:52:00 szh-named named[2821]: zone example.net/IN: transferred serial 26281038
Apr 28 17:52:00 szh-named named[2821]: transfer of 'example.net/IN' from 192.168.63.10#53: Transfer status: success
Apr 28 17:52:00 szh-named named[2821]: transfer of 'example.net/IN' from 192.168.63.10#53: Transfer completed: 1 messages, 6 records, 190 bytes, 0.008 secs (23750 bytes/sec) (serial 26281038)
$
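
The help output above defines a small command grammar. As an added example (not the project's own code), here is one way a forced-command dispatcher could validate a request against that grammar before anything privileged runs. It assumes the request arrives as the string OpenSSH places in SSH_ORIGINAL_COMMAND; `parse_request`, `Rejected`, the zone-name pattern and the per-key zone allowlist are hypothetical.

```python
import re

# Grammar from the help output above: command -> (min, max) zone arguments.
COMMANDS = {"help": (0, 0), "list": (0, 0), "dump": (1, 1),
            "logs": (1, 2), "retransfer": (1, 1)}

# Assumed zone syntax (not the project's rule): two or more letter/digit/hyphen
# labels joined by dots, so shell metacharacters and path separators never match.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
ZONE_RE = re.compile(rf"{_LABEL}(?:\.{_LABEL})+")


class Rejected(ValueError):
    """Raised when a request falls outside the allowed grammar."""


def parse_request(original_command, allowed_zones):
    """Return (command, [zones]) or raise Rejected.

    original_command: value of SSH_ORIGINAL_COMMAND (None or empty when the
    client sent no command, which is treated as "help").
    allowed_zones: set of zones the authenticated key may act on.
    """
    words = (original_command or "").split() or ["help"]
    name, args = words[0], words[1:]
    if name not in COMMANDS:
        raise Rejected(f"unknown command: {name!r}")
    low, high = COMMANDS[name]
    if not low <= len(args) <= high:
        raise Rejected(f"{name} takes {low}..{high} zone argument(s)")
    zones = []
    for arg in args:
        zone = (arg[:-1] if arg.endswith(".") else arg).lower()
        if len(zone) > 253 or not ZONE_RE.fullmatch(zone):
            raise Rejected(f"not a valid zone name: {arg!r}")
        if zone not in allowed_zones:
            raise Rejected(f"zone not available to this key: {zone}")
        zones.append(zone)
    return name, zones


if __name__ == "__main__":
    allowed = {"example.com", "example.net"}  # constructed sample allowlist
    for raw in ("logs example.net", "dump example.org", "retransfer", None):
        try:
            print(repr(raw), "->", parse_request(raw, allowed))
        except Rejected as exc:
            print(repr(raw), "-> rejected:", exc)
```

The validated result is a command name plus a list of zone names, so whatever runs next can be invoked with an argument vector rather than a shell string.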

Setup instructions

Create user accounts

adduser --comment "SSH Zone Handler journalctl sudo access" --ingroup systemd-journal --system szh-logviewer
adduser --comment "SSH Zone Handler OpenSSH AuthorizedKeysCommandUser" --system szh-sshdcmd
adduser --comment "SSH Zone Handler shared login user" --disabled-password  zones

Create configuration

Create /etc/zone-handler.yaml based on either zone-handler.yaml.bind.example or zone-handler.yaml.knot.example.

Install application

python3 -m venv /opt/ssh-zone-handler
/opt/ssh-zone-handler/bin/pip3 install ssh-zone-handler

Generate sudoers rules

/opt/ssh-zone-handler/bin/szh-sudoers | EDITOR="tee" visudo -f /etc/sudoers.d/zone-handler

Configure sshd

Match User zones
     AuthorizedKeysFile none
     AuthorizedKeysCommandUser szh-sshdcmd
     AuthorizedKeysCommand /opt/ssh-zone-handler/bin/szh-sshkeys
     DisableForwarding yes
     PermitTTY no

Known limitations

  • Might be Debian/Ubuntu distro specific

Download files

Source Distribution

ssh_zone_handler-0.4.0.tar.gz (8.8 kB)

Uploaded Source

Built Distribution

ssh_zone_handler-0.4.0-py3-none-any.whl (11.5 kB)

Uploaded Python 3

File details

Details for the file ssh_zone_handler-0.4.0.tar.gz.

File metadata

  • Download URL: ssh_zone_handler-0.4.0.tar.gz
  • Upload date:
  • Size: 8.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for ssh_zone_handler-0.4.0.tar.gz
Algorithm Hash digest
SHA256 6fccfe5d897a6fb6400535973cd6b420fbf93b4ad6d0d86b9053a78abcdd4677
MD5 f409589cb2639a3564d679400396f175
BLAKE2b-256 af8a7e55b54cebff6a2c33474f89278fa6429d8afbbe39539cf37c967572c9e5

Provenance

The following attestation bundles were made for ssh_zone_handler-0.4.0.tar.gz:

Publisher: publish.yaml on andreaso/ssh-zone-handler

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ssh_zone_handler-0.4.0-py3-none-any.whl.

File hashes

Hashes for ssh_zone_handler-0.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 35b2ef5eac35e8efe3e8fcb4727a03f2cb38c7414ba5a0c3487f0bb6d82a2d31
MD5 2b0e15999b12a692516b53a2d54f83bc
BLAKE2b-256 b60144aa9c7ca27cb581157d556862272eb58b1c687e0f0c606fad2165d1ad43

Provenance

The following attestation bundles were made for ssh_zone_handler-0.4.0-py3-none-any.whl:

Publisher: publish.yaml on andreaso/ssh-zone-handler

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.
