Add opt-in, security-gated SSH-agent forwarding
Item 3: SSH-agent forwarding, double-gated (client -A/forward_agent AND server allow_agent_forwarding) and off by default on both ends. Wire: new ForwardingKind::Agent (appended, existing bincode discriminants unchanged). Bumped protocol VERSION 2 -> 3 so a pre-agent peer answers with a clear version-mismatch reject instead of a deserialize error. Client: -A / --forward-agent flag; requires local SSH_AUTH_SOCK. Requests an Agent forwarding during native auth (agent forwarding requires native auth) and, on a server-initiated StreamOpen carrying the reserved @dosh-agent sentinel, splices the stream into the local agent unix socket (separate agent_writers map, TCP forwarding paths untouched). Rejects agent StreamOpens unless it opted in, so a server cannot reach the agent without consent. Server: when the client opted in and allow_agent_forwarding is set, binds a per-session proxy unix socket (dir 0700, socket 0600) before the shell spawns, exports its path as the session's SSH_AUTH_SOCK, and tunnels each connection back to the client over the agent sentinel stream. Applies only to freshly spawned shells (documented). Socket cleaned up on auth/forward failure and when the accept loop ends. SECURITY rationale documented in comments. Tests: 2 end-to-end integration tests (full chain identities round-trip via a PTY-hosted client + looping fake agent; and "no -A => no proxy socket"). Docs updated (README forwarding + disconnect-status note, spec §12.1). fmt + full test suite green (122 tests). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -139,9 +139,13 @@ dosh --session logs palav
|
||||
Press `Ctrl-]` to detach the current client while leaving the server session alive.
|
||||
Typing `exit` in the remote shell closes that Dosh session and returns the client.
|
||||
If UDP packets stop arriving, Dosh keeps the terminal open, sends keepalive pings,
|
||||
and attempts ticket-based reconnect. The old in-band status overlay was removed
|
||||
because writing directly over the terminal could corrupt TUIs; a non-destructive
|
||||
status surface is tracked as a public-readiness item.
|
||||
and attempts ticket-based reconnect. While the link is silent it shows a single,
|
||||
non-destructive status line on the bottom screen row (`[dosh] last contact Ns ago
|
||||
— reconnecting…`), drawn with save/restore cursor so it never moves the app cursor
|
||||
or corrupts a full-screen TUI, and cleared the instant packets resume. (The old
|
||||
in-band overlay wrote over the active line and could corrupt TUIs; this draws only
|
||||
the last row.) Disable it with `disconnect_status = false` in `client.toml` or
|
||||
`DOSH_DISCONNECT_STATUS=0`.
|
||||
|
||||
If SSH and UDP use different public names, specify the UDP address:
|
||||
|
||||
@@ -283,6 +287,12 @@ servers:
|
||||
- **TCP forwarding**: local `-L`, remote `-R` (loopback bind by default), dynamic
|
||||
SOCKS5 `-D`, forward-only `-N`, and background `-f`, with per-stream flow control so
|
||||
bulk transfers do not lag the terminal.
|
||||
- **Agent forwarding** (opt-in, security-gated): `-A` / `forward_agent` exports your
|
||||
local `SSH_AUTH_SOCK` to a per-session proxy socket on the server (private dir,
|
||||
mode 0600) and tunnels each connection back to your agent over a Dosh stream. Only
|
||||
active on explicit client opt-in **and** server `allow_agent_forwarding = true`; it
|
||||
applies to freshly spawned shells (not an already-running attached/prewarmed
|
||||
session, the same constraint ssh/mosh have).
|
||||
- **Diagnostics**: `dosh doctor host` for config/auth/UDP/forwarding-policy checks.
|
||||
|
||||
Native auth is **opt-in alongside SSH fallback** (`auth_preference = "native,ssh"`):
|
||||
|
||||
Reference in New Issue
Block a user