{
"title" : "NetKernel SSHd",
"css" : "
body {background-color: #A5CC64; color: #33333;}
pre { background-color: #222222; color: #aaaaaa; border: 0px; font-size: 60%; font-family: courier, fixed; padding: 5px;}
div.slide h1 { background-color: #63793F; padding-left: 50px; margin-left: -20px; color: #333333;}
",
"copyright" : "© 2010, 1060 Research Limited",
"favicon" : "/wink/style/icon.png"
}
| WiNK |  |
Design Principles
The SSH transport infrastructure allows remote ssh clients to issue resource requests into the NetKernel address space. Resource requests can be made through a shell or as remote commands, and even as scp "file" transfers.
Authentication
The SSH transport has a pluggable design using configurable declarative requests that enable user supplied public key and password authentication services to be invoked for new client sessions.
A standard openSSH compatible public key authentication service is provided which reads a user's ~/.ssh/authorized_keys to authenticate PKI sessions.
SSH Shell
A regular ssh client connection to the SSH transport will initiate a simple interactive shell.
pjr@hp6715b:$ ssh -p 8022 -i test-key hp6715b
---------------------------------------------
NetKernel SSH Server v1.0 on hp6715b
Welcome: pjr
Logged in at: Tue Aug 10 19:56:25 BST 2010
---------------------------------------------
pjr@hp6715b:NK$
Shell - Requests
Each command line entered is taken to be a request identifier which is issued into the address space hosting the SSH Transport. For example, below is a command line request for a simple xml resource...
pjr@hp6715b:NK$ res:/data.xml
<?xml version="1.0" encoding="UTF-8"?>
<data>
<item name="red">
<colour>#ff0000</colour>
</item>
<item name="green">
<colour>#00ff00</colour>
</item>
<item name="blue">
<colour>#0000ff</colour>
</item>
</data>
pjr@hp6715b:NK$
The requested resource must be transreptable to IReadableBinaryStreamRepresentation. The representation is written into the stdout of the ssh console.
Shell - Active Requests
Since the command line character sequence is the identifier of a request, you are free to use full active URI syntax.
In the example below, the SSH transport issues requests into a space with the service active:toUpper...
pjr@hp6715b:NK$ active:toUpper+operand@res:/data.xml
<?XML VERSION="1.0" ENCODING="UTF-8"?>
<DATA>
<ITEM NAME="RED">
<COLOUR>#FF0000</COLOUR>
</ITEM>
<ITEM NAME="GREEN">
<COLOUR>#00FF00</COLOUR>
</ITEM>
<ITEM NAME="BLUE">
<COLOUR>#0000FF</COLOUR>
</ITEM>
</DATA>
pjr@hp6715b:NK$
Shell - Features
TAB Command Completion
Pressing the [TAB] key offers command completion on the partialy completed command line. The completion options may be configured through a plugin service.
pjr@hp6715b:NK$ active:[TAB] active:toUpper+operand@ active:xslt+operator@res:/transform.xsl+operand@ pjr@hp6715b:NK$ active:
Shell - Features(2)
Command History
↑ ↓ (Up / Down Cursor Keys) scroll forward and backward through the previous command history.
Built-in Commands
The following command lines are built-in and will always execute without issuing a request.
clear
Typing "clear" will clear the console display.
exit
Typing "exit" will terminate the shell session. Equivalently the "Ctl-D" key will terminate the session.
SSH Remote Command Execution
The ssh server will "execute" any command statement from the ssh client as a resource request.
Here is an example showing a request for an XML resource, with the response streamed to the stdout of the client.
pjr@hp6715b:~$ ssh -p 8022 -i test-key hp6715b res:/data.xml
<?xml version="1.0" encoding="UTF-8"?>
<data>
<item name="red">
<colour>#ff0000</colour>
</item>
<item name="green">
<colour>#00ff00</colour>
</item>
<item name="blue">
<colour>#0000ff</colour>
</item>
</data>
Command - Active URI
Here is an example with an active URI command...
pjr@hp6715b:~$ ssh -p 8022 -i test-key hp6715b active:toUpper+operand@res:/data.xml
<?XML VERSION="1.0" ENCODING="UTF-8"?>
<DATA>
<ITEM NAME="RED">
<COLOUR>#FF0000</COLOUR>
</ITEM>
<ITEM NAME="GREEN">
<COLOUR>#00FF00</COLOUR>
</ITEM>
<ITEM NAME="BLUE">
<COLOUR>#0000FF</COLOUR>
</ITEM>
</DATA>
Piping Responses
Since the command goes to the client's stdout it can be piped. Here's an example piping the response to a local file...
pjr@hp6715b:~$ ssh -p 8022 -i test-key hp6715b res:/data.xml > localdata.xml pjr@hp6715b:~$
SCP - "File" Download / SOURCE
The SSH transport provides full support for scp file transfers.
scp hostname:[resource-identifier] localfile
The [resource-identifier] request will be issued into the SSH transport address space as a SOURCE request. The response of the request will be "downloaded" to the specified localfile.
Example
pjr@hp6715b:~$ scp -P 8022 -i test-key hp6715b:res:/data.xml localdata.xml res__data.xml 100% 234 0.2KB/s 00:00 pjr@hp6715b:~$
Example - scp with active URI
pjr@hp6715b:~$ scp -P 8022 -i test-key hp6715b:active:toUpper+operand@res:/data.xml upperCaseData.xml active_toUpper+operand@res__data.xml 100% 234 0.2KB/s 00:00 pjr@hp6715b:~$
SCP - File Upload / SINK
A client-side file can be uploaded to a target resource identifier on the serverside. The uploaded binary stream representation is provided in a SINK request to the target resource identifier.
scp localfile hostname:[resource-identifier]
Example
Here a local file is uploaded, the remote target is a file: URI on the serverside.
pjr@hp6715b:~$ scp -P 8022 -i test-key localdata.xml hp6715b:file:/home/pjr/remotedata.xml localdata.xml 100% 234 0.2KB/s 00:00 pjr@hp6715b:~$
SSH Fulcrum
An SSH fulcrum module is available as an optional install.
Provides pre-configured SSH host space. Dynamic imports allow your application space to be imported and exposed to SSH originated requests.
To be imported instantiate res:/etc/system/SimpleDynamicImportHook.xml with...
<type>SSHFulcrum</type>
</connection>
|