ssh-portkey 0.1.3

Secure SSH credential manager with a fast ratatui-based TUI, fuzzy search, and encrypted vault
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119

use anyhow::{anyhow, Result};
use std::process::Command;

use crate::models::Server;

fn command_exists(command: &str) -> bool {
    Command::new("which")
        .arg(command)
        .output()
        .map(|output| output.status.success())
        .unwrap_or(false)
}

pub fn build_ssh_args(server: &Server) -> Vec<String> {
    let mut args = vec!["-tt".to_string()];

    if let Some(identity_file) = server
        .identity_file
        .as_deref()
        .filter(|path| !path.is_empty())
    {
        args.push("-i".to_string());
        args.push(identity_file.to_string());
    }

    if server.forward_agent {
        args.push("-A".to_string());
    }

    args.push("-p".to_string());
    args.push(server.port.to_string());
    args.push(format!("{}@{}", server.username, server.host));
    args
}

fn shell_quote(arg: &str) -> String {
    if arg
        .chars()
        .all(|c| !c.is_whitespace() && !matches!(c, '\'' | '"' | '\\' | '$' | '`'))
    {
        arg.to_string()
    } else {
        format!("'{}'", arg.replace('\'', "'\\''"))
    }
}

fn ssh_command_line(server: &Server) -> String {
    let args = build_ssh_args(server)
        .iter()
        .map(|arg| shell_quote(arg))
        .collect::<Vec<_>>()
        .join(" ");
    format!("ssh {args}")
}

pub fn manual_connection_help(server: &Server) -> String {
    format!(
        "Connect manually with:\n  {}\nPassword is stored in Portkey and will not be printed.",
        ssh_command_line(server)
    )
}

pub fn connect(server: &Server) -> Result<()> {
    println!(
        "Connecting to {}@{}:{}...",
        server.username, server.host, server.port
    );

    if !command_exists("ssh") {
        return Err(anyhow!("ssh is not installed or not in PATH"));
    }

    let ssh_args = build_ssh_args(server);
    let has_password = !server.password.is_empty();

    let status = if has_password {
        if !command_exists("sshpass") {
            eprintln!("❌ sshpass is not installed or not in PATH.");
            eprintln!();
            eprintln!("Install sshpass to use password authentication:");
            eprintln!("  macOS: brew install hudochenkov/sshpass/sshpass");
            eprintln!("  Ubuntu/Debian: sudo apt-get install sshpass");
            eprintln!("  CentOS/RHEL: sudo yum install sshpass");
            eprintln!("  Arch: sudo pacman -S sshpass");
            eprintln!();
            eprintln!("{}", manual_connection_help(server));
            return Err(anyhow!(
                "sshpass is required for stored password authentication"
            ));
        }

        Command::new("sshpass")
            .env("SSHPASS", &server.password)
            .env(
                "TERM",
                std::env::var("TERM").unwrap_or_else(|_| "xterm-256color".to_string()),
            )
            .arg("-e")
            .arg("ssh")
            .args(&ssh_args)
            .status()?
    } else {
        Command::new("ssh")
            .env(
                "TERM",
                std::env::var("TERM").unwrap_or_else(|_| "xterm-256color".to_string()),
            )
            .args(&ssh_args)
            .status()?
    };

    if status.success() {
        Ok(())
    } else {
        Err(anyhow!(
            "SSH connection failed. Possible causes: server unreachable, invalid credentials, SSH service not running, or port blocked by firewall"
        ))
    }
}