Virtual directories with Elixir/Erlang for configuring :ssh

Questions / Help
1

Hi there,

I’m currently working on an application that will allow users to upload files to their own servers via SSH/SFTP.
Erlang’s :ssh library (and by extension also sshex) use the ~/.ssh directory by default to store all trusted hosts and SSH keys. This is not what I want because it would obviously be a bad idea to have all users share the same keys.
Unfortunately, the only way to use multiple keys seems to be changing the user_dir parameter in the :ssh.connect/2 call.

I’ve worked a lot with Qt/C++ before and Qt can create resource files that are accessible through “virtual” directores, i. e. instead of a real path in the filesystem, you give a path such as ":/my_resource.file" and the Qt file library will “understand” that the file needs to be read from the resource file.

Now I wonder: Is there any such thing that I could use with Elixir/Erlang where I store a user’s ssh information in my database or an OTP app and then trick Elixir/Erlang into reading from that like from a path?

I came across an Erlang library called evfs which seems to do pretty much that but it has no license, has been unmaintained for six years and isn’t even available as a Hex package …

Any suggestions on how to approach this problem would be appreciated :slight_smile:

1 Like
2

Heh, the I/O system in Erlang is entirely handled by processes and you can in fact (rather brutally) replace an existing main-system process to replace it with your own, like you can with the filesystem process.

I do not recall the details off-hand (its been near 10 years since I did this), but it is entirely doable (and a library for a virtual filesystem would be awesome ;-)).

EDIT: And actually that evfs seems pretty solid, might just need some updating if you can contact the person and see if they can turn it over to you, but should not be too hard to make your own either.

2 Likes
3

As for your underlying issue about the ssh module, didn’t it have the option of passing in certs directly? (I set up an ssh server a long time ago with it and I remembered having enough annoyances that I ended up rewriting the sftp module in it at least…).

2 Likes
4

See this discussion: [erlang-patches] EEP Light: Option to override private key lookup when using Erlang ssh client.

And the doc: http://erlang.org/doc/man/ssh_client_key_api.html

3 Likes
5

Oh wow, thank you for pointing this out. Seems like I was totally blind while reading the :ssh docs!

1 Like