update. fix #32. add field Connect.HostKeyCallback

Author: blacknon

_example/example_http_dynamic_forward_shell.go

@@ -2,7 +2,7 @@
 // Use of this source code is governed by an MIT license
 // that can be found in the LICENSE file.
 
-// Shell connection and dynamic forwarding Example file.
+// Shell connection and http dynamic forwarding Example file.
 // Change the value of the variable and compile to make sure that you can actually connect.
 //
 // This file uses password authentication. Please replace as appropriate.

_example/example_set_host_key_callback_shell.go

@@ -0,0 +1,73 @@
+// Copyright (c) 2020 Blacknon. All rights reserved.
+// Use of this source code is governed by an MIT license
+// that can be found in the LICENSE file.
+
+// Shell connection and any HostKeyCallback use Example file.
+// Change the value of the variable and compile to make sure that you can actually connect.
+//
+// This file uses key authentication. Please replace as appropriate.
+
+package main
+
+import (
+	"fmt"
+	"os"
+
+	sshlib "github.com/blacknon/go-sshlib"
+	"golang.org/x/crypto/ssh"
+)
+
+var (
+	host    = "target.com"
+	port    = "22"
+	user    = "user"
+	privkey = "~/.ssh/sshenc_key"
+	keypass = "password"
+
+	termlog = "./test_termlog"
+)
+
+func main() {
+	// Create sshlib.Connect
+	con := &sshlib.Connect{
+		// If you use x11 forwarding, please set to true.
+		ForwardX11: false,
+
+		// If you use ssh-agent forwarding, please set to true.
+		// And after, run `con.ConnectSshAgent()`.
+		ForwardAgent: false,
+	}
+
+	// set any HostKeyCallback.
+	con.HostKeyCallback = ssh.InsecureIgnoreHostKey()
+
+	// Create ssh.AuthMethods
+	authMethod, err := sshlib.CreateAuthMethodPublicKey(privkey, keypass)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// If you use ssh-agent forwarding, uncomment it.
+	// con.ConnectSshAgent()
+
+	// Connect ssh server
+	err = con.CreateClient(host, port, user, []ssh.AuthMethod{authMethod})
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// Set terminal log
+	// con.SetLog(termlog, false)
+
+	// Create Session
+	session, err := con.CreateSession()
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	// Start ssh shell
+	con.Shell(session)
+}

connect.go

@@ -41,14 +41,22 @@ type Connect struct {
 	SendKeepAliveInterval int
 
 	// Session use tty flag.
+	// Set it before CraeteClient.
 	TTY bool
 
 	// Forward ssh agent flag.
+	// Set it before CraeteClient.
 	ForwardAgent bool
 
 	// CheckKnownHosts if true, check knownhosts.
+	// Set it before CraeteClient.
 	CheckKnownHosts bool
 
+	// HostKeyCallback is ssh.HostKeyCallback.
+	// This item takes precedence over `CheckKnownHosts`.
+	// Set it before CraeteClient.
+	HostKeyCallback ssh.HostKeyCallback
+
 	// OverwriteKnownHosts if true, if the knownhost is different, check whether to overwrite.
 	OverwriteKnownHosts bool
 
@@ -73,13 +81,16 @@ type Connect struct {
 
 	// ssh-agent interface.
 	// agent.Agent or agent.ExtendedAgent
+	// Set it before CraeteClient.
 	Agent AgentInterface
 
 	// Forward x11 flag.
+	// Set it before CraeteClient.
 	ForwardX11 bool
 
 	// Forward X11 trusted flag.
 	// This flag is ssh -Y option like flag.
+	// Set it before CraeteClient.
 	ForwardX11Trusted bool
 
 	// shell terminal log flag
@@ -111,14 +122,18 @@ func (c *Connect) CreateClient(host, port, user string, authMethods []ssh.AuthMe
 		Timeout: time.Duration(timeout) * time.Second,
 	}
 
-	if c.CheckKnownHosts {
-		if len(c.KnownHostsFiles) == 0 {
-			// append default files
-			c.KnownHostsFiles = append(c.KnownHostsFiles, "~/.ssh/known_hosts")
-		}
-		config.HostKeyCallback = c.verifyAndAppendNew
+	if c.HostKeyCallback != nil {
+		config.HostKeyCallback = c.HostKeyCallback
 	} else {
-		config.HostKeyCallback = ssh.InsecureIgnoreHostKey()
+		if c.CheckKnownHosts {
+			if len(c.KnownHostsFiles) == 0 {
+				// append default files
+				c.KnownHostsFiles = append(c.KnownHostsFiles, "~/.ssh/known_hosts")
+			}
+			config.HostKeyCallback = c.verifyAndAppendNew
+		} else {
+			config.HostKeyCallback = ssh.InsecureIgnoreHostKey()
+		}
 	}
 
 	// check Dialer