Installations
npm install http-ssh-agentDeveloper Guide
Typescript
No
Module System
N/A
Node Version
1.2.0
NPM Version
2.5.1
Score
67.5
Supply Chain
89.5
Quality
74.7
Maintenance
50
Vulnerability
100
License
Releases
Unable to fetch releases
Contributors
Unable to fetch Contributors
Languages
JavaScript (100%)
Developer
mafintosh
Download Statistics
Total Downloads
22,399
Last Day
3
Last Week
22
Last Month
72
Last Year
800
GitHub Statistics
30 Stars
75 Commits
4 Forks
4 Watching
1 Branches
3 Contributors
Bundle Size
214.61 kB
Minified
57.46 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
1.0.4
Package Id
http-ssh-agent@1.0.4
Size
5.00 kB
NPM Version
2.5.1
Node Version
1.2.0
Total Downloads
Cumulative downloads
Total Downloads
22,399
Last day
0%
3
Compared to previous day
Last week
-40.5%
22
Compared to previous week
Last month
157.1%
72
Compared to previous month
Last year
-9.8%
800
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
4
Dev Dependencies
4
http-ssh-agent
Node.js http agent that allows you to send http requests over ssh.
npm install http-ssh-agent
Usage
Start a http server on a server that you have ssh access to. Since we will be accessing the server using ssh the server can bind to a port that is not open externally. On your local machine you just create the agent with some ssh options and pass it to a http module.
Using node core
1var http = require('http') 2var agent = require('http-ssh-agent') 3 4// per default the agent will authenticate using ~/.ssh/id_rsa as your private key 5var ssh = agent('username@example.com') 6 7http.get({ 8 port: 8080, // assuming the remote server is running on port 8080 9 host: '127.0.0.1', // the host is resolved via ssh so 127.0.0.1 -> example.com 10 agent: ssh // simply pass the agent 11}, function(response) { 12 response.pipe(process.stdout) 13})
Using request
1var request = require('request') 2 3request('http://127.0.0.1:8080', {agent: ssh}).pipe(process.stdout)
SSH options
Pass additional ssh options as the second argument. See ssh2 connection options for a full list of available options.
1var ssh = agent('username@example.com', { 2 privateKey: 'path-to-private-key', // can also be a buffer, 3 password: 'ssh-password' // specify a password instead of a key 4})
Host verification
The agent will emit a verify event when it wants you to verify a host fingerprint.
You should validate that the fingerprint is correct and return an error if not.
1ssh.on('verify', function(fingerprint, callback) { 2 console.log('Server fingerprint is', fingerprint) 3 callback() // pass an error to indicate a bad fingerprint 4})
If you do not want to do host validation simply do not listen for the verify event.
You can also choose to pass the hash to challange against as the verify option.
Running the tests
To run the tests you need to have a local ssh server running (on OSX enable Remote login) and have your own public key
whitelisted in .ssh/authorized_keys.
Then simply run
npm test
License
MIT
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 2/30 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 2 are checked with a SAST tool
Score
3
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More