From d00262dc31be8f03b149c4c44b9d5e15959390ff Mon Sep 17 00:00:00 2001
From: Owen
Date: Tue, 17 Feb 2026 11:43:38 -0800
Subject: [PATCH] Send the right port and cert

---
 server/private/routers/ssh/signSshKey.ts | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/server/private/routers/ssh/signSshKey.ts b/server/private/routers/ssh/signSshKey.ts
index 378c3576..9ffce8c1 100644
--- a/server/private/routers/ssh/signSshKey.ts
+++ b/server/private/routers/ssh/signSshKey.ts
@@ -24,7 +24,7 @@ import { eq, or, and } from "drizzle-orm";
 import { canUserAccessSiteResource } from "@server/auth/canUserAccessSiteResource";
 import { signPublicKey, getOrgCAKeys } from "#private/lib/sshCA";
 import config from "@server/lib/config";
-import { sendToClient } from "#dynamic/routers/ws";
+import { sendToClient } from "#private/routers/ws";

 const paramsSchema = z.strictObject({
 orgId: z.string().nonempty()
@@ -352,13 +352,13 @@ export async function signSshKey(
 data: {
 messageId: message.messageId,
 orgId: orgId,
- agentPort: 8080,
+ agentPort: 22123,
 agentHost: resource.destination,
- caCert: publicKey,
+ caCert: caKeys.publicKeyOpenSSH,
 username: usernameToUse,
 niceId: resource.niceId,
 metadata: {
- sudo: true,
+ sudo: true, // we are hardcoding these for now but should make configurable from the role or something
 homedir: true
 }
 }
@@ -366,12 +366,19 @@ export async function signSshKey(

 const expiresIn = Number(validFor); // seconds

+ let sshHost;
+ if (resource.alias && resource.alias != "") {
+ sshHost = resource.alias;
+ } else {
+ sshHost = resource.destination;
+ }
+
 return response(res, {
 data: {
 certificate: cert.certificate,
 messageId: message.messageId,
 sshUsername: usernameToUse,
- sshHost: resource.destination,
+ sshHost: sshHost,
 resourceId: resource.siteResourceId,
 keyId: cert.keyId,
 validPrincipals: cert.validPrincipals,
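Review bot: `sudo: true` in the `metadata` block is still sent unconditionally with every message built here, so the privilege level does not depend on the requesting user or role; the added comment records the intent but nothing enforces it. Until the role-driven setting exists, a least-privilege default such as `sudo: false`, or a value read from the user's role, would be the safer placeholder. The new `agentPort: 22123` is likewise a bare literal, and a named constant or config entry would keep it in step with whatever the agent listens on. The enclosing call starts and ends outside the hunk, so the assignment of `caKeys` is not visible here; it presumably comes from `getOrgCAKeys` and should be confirmed non-null before `caKeys.publicKeyOpenSSH` is read.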
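Review bot: The new `sshHost` block uses an untyped `let sshHost;` and a loose `!=` comparison, and the `resource.alias != ""` half is redundant because the truthiness test before it already rejects an empty string. Assuming `alias` is a string or null, `const sshHost = resource.alias || resource.destination;` gives the same result with an inferred type and no reassignment. The response now returns the alias while `agentHost` in the message sent earlier still carries `resource.destination`; if that difference is intended, a one-line comment such as `// clients connect via the alias; the agent is addressed by destination` would save the next reader from guessing. The body of `signSshKey` starts and ends outside the hunk.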