From 8119b22817d8ece77bb2d86213907a1241ada89a Mon Sep 17 00:00:00 2001
From: Nikolay Edigaryev
Date: Fri, 28 Jun 2024 23:55:18 +0400
Subject: [PATCH] orchard controller run: introduce --insecure-ssh-no-client-auth (#187)

---
 internal/command/controller/run.go | 6 +++++-
 internal/controller/controller.go | 9 +++++----
 internal/controller/option.go | 3 ++-
 internal/controller/sshserver/sshserver.go | 2 ++
 internal/tests/sshserver_test.go | 2 +-
 5 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/internal/command/controller/run.go b/internal/command/controller/run.go
index afbd42b..c72be0d 100644
--- a/internal/command/controller/run.go
+++ b/internal/command/controller/run.go
@@ -19,6 +19,7 @@ var BootstrapAdminAccountName = "bootstrap-admin"
 var address string
 var addressSSH string
 var debug bool
+var sshNoClientAuth bool

 func newRunCommand() *cobra.Command {
 cmd := &cobra.Command{
@@ -48,6 +49,9 @@ func newRunCommand() *cobra.Command {
 " (requires --controller-cert)")
 cmd.PersistentFlags().StringVar(&sshHostKeyPath, "ssh-host-key", "",
 "use the SSH private host key from the specified path instead of the auto-generated one")
+ cmd.PersistentFlags().BoolVar(&sshNoClientAuth, "insecure-ssh-no-client-auth", false,
+ "allow SSH clients to connect to the controller's SSH server without authentication, "+
+ "thus only authenticating on the target worker/VM's SSH server")

 return cmd
 }
@@ -103,7 +107,7 @@ func runController(cmd *cobra.Command, args []string) (err error) {
 return err
 }

- controllerOpts = append(controllerOpts, controller.WithSSHServer(addressSSH, signer))
+ controllerOpts = append(controllerOpts, controller.WithSSHServer(addressSSH, signer, sshNoClientAuth))
 }

 controllerInstance, err := controller.New(controllerOpts...)
diff --git a/internal/controller/controller.go b/internal/controller/controller.go
index 1c19567..aecec34 100644
--- a/internal/controller/controller.go
+++ b/internal/controller/controller.go
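Review bot: In the third run.go hunk the new `sshNoClientAuth` argument is only consumed inside the block that appends `controller.WithSSHServer(addressSSH, signer, sshNoClientAuth)`, and that block's condition lies outside the hunk; if the block is skipped when no SSH listen address is configured, `--insecure-ssh-no-client-auth` is accepted and silently ignored. Because the flag changes the controller's security posture, rejecting the inconsistent combination is clearer than silent acceptance, e.g. before the block: `if sshNoClientAuth && addressSSH == "" { return errors.New("--insecure-ssh-no-client-auth requires the controller's SSH server to be enabled") }`. Whether addressSSH is the gating condition cannot be confirmed from the hunk, so the check should mirror whatever condition actually guards the block. runController begins before this hunk and continues after it.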
@@ -59,9 +59,10 @@ type Controller struct {
 workerOfflineTimeout time.Duration
 maxWorkersPerLicense uint

- sshListenAddr string
- sshSigner ssh.Signer
- sshServer *sshserver.SSHServer
+ sshListenAddr string
+ sshSigner ssh.Signer
+ sshNoClientAuth bool
+ sshServer *sshserver.SSHServer

 rpc.UnimplementedControllerServer
 }
@@ -124,7 +125,7 @@ func New(opts ...Option) (*Controller, error) {
 // Instantiate the SSH server (if configured)
 if controller.sshListenAddr != "" && controller.sshSigner != nil {
 controller.sshServer, err = sshserver.NewSSHServer(controller.sshListenAddr, controller.sshSigner,
- store, controller.proxy, controller.workerNotifier, controller.logger)
+ store, controller.proxy, controller.workerNotifier, controller.sshNoClientAuth, controller.logger)
 if err != nil {
 return nil, err
 }
diff --git a/internal/controller/option.go b/internal/controller/option.go
index 7bc91ca..bfa65a7 100644
--- a/internal/controller/option.go
+++ b/internal/controller/option.go
@@ -27,10 +27,11 @@ func WithTLSConfig(tlsConfig *tls.Config) Option {
 }
 }

-func WithSSHServer(listenAddr string, signer ssh.Signer) Option {
+func WithSSHServer(listenAddr string, signer ssh.Signer, noClientAuth bool) Option {
 return func(controller *Controller) {
 controller.sshListenAddr = listenAddr
 controller.sshSigner = signer
+ controller.sshNoClientAuth = noClientAuth
 }
 }

diff --git a/internal/controller/sshserver/sshserver.go b/internal/controller/sshserver/sshserver.go
index 6dbfa94..7a8702e 100644
--- a/internal/controller/sshserver/sshserver.go
+++ b/internal/controller/sshserver/sshserver.go
@@ -42,6 +42,7 @@ func NewSSHServer(
 store storepkg.Store,
 proxy *proxypkg.Proxy,
 workerNotifier *notifier.Notifier,
+ noClientAuth bool,
 logger *zap.SugaredLogger,
 ) (*SSHServer, error) {
 server := &SSHServer{
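Review bot: The exported `WithSSHServer` in the option.go hunk gains a `noClientAuth bool` parameter but still has no doc comment, and this parameter is the one that switches authentication off on the controller's SSH listener, so its meaning should be stated at the API rather than only in the CLI help text. A comment such as `// WithSSHServer enables the controller's SSH server on listenAddr, using signer as the host key. When noClientAuth is true the server admits clients without authenticating them (ssh.ServerConfig.NoClientAuth); clients are then only authenticated by the target worker/VM's SSH server.` would do. The second clause is taken from the flag help in run.go and should be checked against the session handling, which is outside this diff.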
@@ -58,6 +59,7 @@ func NewSSHServer(
 server.listener = listener

 server.serverConfig = &ssh.ServerConfig{
+ NoClientAuth: noClientAuth,
 PasswordCallback: server.passwordCallback,
 }
 server.serverConfig.AddHostKey(signer)
diff --git a/internal/tests/sshserver_test.go b/internal/tests/sshserver_test.go
index 4668663..9e6bb45 100644
--- a/internal/tests/sshserver_test.go
+++ b/internal/tests/sshserver_test.go
@@ -30,7 +30,7 @@ func TestSSHServer(t *testing.T) {

 // Run the Controller
 devClient, devController, _ := devcontroller.StartIntegrationTestEnvironmentWithAdditionalOpts(t, []controller.Option{
- controller.WithSSHServer(":0", signer),
+ controller.WithSSHServer(":0", signer, false),
 }, nil)

 // Create a VM to which we'll connect via Controller's SSH server
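Review bot: Setting `NoClientAuth: noClientAuth` in the ssh.ServerConfig disables client authentication on the controller's SSH listener without leaving any trace of that at runtime; only the flag name in run.go says it is insecure. `logger *zap.SugaredLogger` is already a parameter of NewSSHServer (previous hunk), so a one-line warning right after the config is built is cheap and lets operators notice the setting in logs, e.g. `if noClientAuth { logger.Warn("SSH client authentication is disabled; any client can open a session on the controller's SSH server") }`. If the vendored golang.org/x/crypto is recent enough to provide `ServerConfig.NoClientAuthCallback`, setting it to log the remote address of each unauthenticated session would add per-connection audit visibility that the password path presumably keeps through passwordCallback. NewSSHServer's body continues outside the hunk.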
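Review bot: TestSSHServer is only updated to pass `controller.WithSSHServer(":0", signer, false)`, so the new NoClientAuth path is never exercised by the integration test. A second case started with `true` that asserts a client offering no auth methods is admitted, alongside an assertion that the existing `false` case still rejects such a client, would pin both sides of the behaviour the flag introduces. TestSSHServer begins before this hunk and continues after it.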