package teleport
import (
"time"
)
// WebAPIVersion is the version string of the current web API.
const WebAPIVersion = "v1"
// ForeverTTL is the TTL value for objects that never expire: they stay
// until they are explicitly deleted.
//
// NOTE(review): the sentinel is the zero Duration, so a TTL that was simply
// left unset is indistinguishable from ForeverTTL. Confirm that callers
// storing short-lived objects always pass a positive TTL.
const ForeverTTL = time.Duration(0)
// SSH-related variable names.
//
// NOTE(review): only SSHAuthSock and SSHAgentPID are described as
// environment variables here; the remaining names are presumably exported
// into the session environment as well (confirm against callers). A process
// can overwrite its own environment, so values read back from these
// variables are informational and should not be used as proof of identity.
const (
	// SSHAuthSock is the environment variable that points to the Unix
	// socket the SSH agent is listening on.
	SSHAuthSock = "SSH_AUTH_SOCK"

	// SSHAgentPID is the environment variable that holds the process ID
	// of the SSH agent.
	SSHAgentPID = "SSH_AGENT_PID"

	// SSHTeleportUser is the Teleport user that is currently logged in.
	SSHTeleportUser = "SSH_TELEPORT_USER"

	// SSHSessionWebproxyAddr is the address of the web proxy.
	SSHSessionWebproxyAddr = "SSH_SESSION_WEBPROXY_ADDR"

	// SSHTeleportClusterName is the name of the cluster this node
	// belongs to.
	SSHTeleportClusterName = "SSH_TELEPORT_CLUSTER_NAME"

	// SSHTeleportHostUUID is the UUID of the host.
	SSHTeleportHostUUID = "SSH_TELEPORT_HOST_UUID"

	// SSHSessionID is the UUID of the current session.
	SSHSessionID = "SSH_SESSION_ID"
)
const (
	// TOTPValidityPeriod is the number of seconds a TOTP token is valid,
	// i.e. the length of one TOTP period.
	TOTPValidityPeriod = uint(30)

	// TOTPSkew is the number of extra periods accepted before and after
	// the current one. With the values in this block a code can validate
	// across (2*TOTPSkew + 1) periods, i.e. up to 90 seconds.
	//
	// NOTE(review): a wider window tolerates clock drift but also keeps a
	// captured code usable for longer; confirm the validator rejects codes
	// that were already used.
	TOTPSkew = uint(1)
)
const (
	// Component is the logging field that names a component of teleport.
	Component = "component"

	// ComponentFields is the logging field that stores
	// component-specific fields.
	ComponentFields = "fields"

	// ComponentReverseTunnel is the reverse tunnel agent and server that
	// together establish a bi-directional SSH reverse tunnel to bypass
	// firewall restrictions.
	ComponentReverseTunnel = "reversetunnel"

	// ComponentAuth is the cluster CA node (auth server API).
	ComponentAuth = "auth"

	// ComponentNode is the SSH node (SSH server serving requests).
	ComponentNode = "node"

	// ComponentProxy is the SSH proxy (SSH server forwarding connections).
	ComponentProxy = "proxy"

	// ComponentTunClient is a tunnel client.
	ComponentTunClient = "tunclient"

	// DebugEnvVar is the environment variable that tells tests to use
	// verbose debug output.
	DebugEnvVar = "DEBUG"

	// VerboseLogsEnvVar is the environment variable that forces all logs
	// to be verbose (down to DEBUG level).
	//
	// NOTE(review): DEBUG-level output usually carries more detail than
	// normal logs; check what it includes before enabling it on a
	// production host.
	VerboseLogsEnvVar = "TELEPORT_DEBUG"

	// DefaultTerminalWidth is the default width of a pseudo TTY
	// allocated on the server side.
	DefaultTerminalWidth = 80

	// DefaultTerminalHeight is the default height of a pseudo TTY
	// allocated on the server side.
	DefaultTerminalHeight = 25

	// SafeTerminalType is the TTY type to fall back to when $TERM is not
	// defined.
	SafeTerminalType = "xterm"

	// ConnectorOIDC is the OIDC connector type.
	ConnectorOIDC = "oidc"

	// DataDirParameterName is the name of the data dir configuration
	// parameter passed to all backends during initialization.
	DataDirParameterName = "data_dir"

	// KeepAliveReqType is the SSH request type used to keep a connection
	// alive: client and server keep pinging each other with it.
	KeepAliveReqType = "keepalive@openssh.com"

	// OTP means One-time Password Algorithm for two-factor authentication.
	OTP = "otp"

	// TOTP means Time-based One-time Password Algorithm for two-factor
	// authentication.
	TOTP = "totp"

	// HOTP means HMAC-based One-time Password Algorithm for two-factor
	// authentication.
	HOTP = "hotp"

	// U2F means Universal 2nd Factor for two-factor authentication.
	U2F = "u2f"

	// OFF means no second factor is used, so a login depends on a single
	// factor only.
	OFF = "off"

	// Local means authentication happens locally within the Teleport
	// cluster.
	Local = "local"

	// OIDC means authentication happens remotely through an OIDC
	// connector. It has the same string value as ConnectorOIDC.
	OIDC = "oidc"
)
const (
	// AuthorizedKeys refers to public keys that are checked against
	// User CAs.
	AuthorizedKeys = "authorized_keys"

	// KnownHosts refers to public keys that are checked against
	// Host CAs.
	KnownHosts = "known_hosts"
)
// Certificate extension names. Each one grants the certificate holder an
// extra capability, so a certificate should carry only the extensions the
// user actually needs.
const (
	// CertExtensionPermitAgentForwarding allows agent forwarding for the
	// certificate. A forwarded agent can be used from the remote host for
	// as long as the session is open, so grant it sparingly.
	CertExtensionPermitAgentForwarding = "permit-agent-forwarding"

	// CertExtensionPermitPTY allows the user to request a PTY.
	CertExtensionPermitPTY = "permit-pty"

	// CertExtensionPermitPortForwarding allows the user to request port
	// forwarding.
	CertExtensionPermitPortForwarding = "permit-port-forwarding"
)
const (
	// NetIQ is the name of the NetIQ identity provider.
	NetIQ = "netiq"
)