gssh-agent 1.0.1 → 1.0.3

package/cmd/gssh/main.go

@@ -18,6 +18,7 @@ import (
 
 const (
 	defaultSocketPath = "/tmp/gssh.sock"
+	version          = "0.1.0"
 )
 
 var (
@@ -25,6 +26,20 @@ var (
 )
 
 func main() {
+	// Check for version flag before parsing
+	if len(os.Args) > 1 && (os.Args[1] == "-v" || os.Args[1] == "--version") {
+		fmt.Printf("gssh version %s\n", version)
+		os.Exit(0)
+	}
+
+	// Check for help flag before parsing
+	for _, arg := range os.Args[1:] {
+		if arg == "-h" || arg == "--help" {
+			printUsage()
+			os.Exit(0)
+		}
+	}
+
 	flag.Parse()
 
 	if flag.NArg() < 1 {
@@ -58,7 +73,7 @@ func main() {
 		err = handleSCP()
 	case "sftp":
 		err = handleSFTP()
-	case "help", "-h", "--help":
+	case "help":
 		printUsage()
 	default:
 		fmt.Fprintf(os.Stderr, "Unknown command: %s\n", cmd)
@@ -566,42 +581,51 @@ func handleSFTP() error {
 }
 
 func printUsage() {
-	fmt.Println(`gssh - SSH Session Manager for Agents (Stateless)
+	fmt.Printf(`gssh - SSH Session Manager for Agents v%s
 
 Usage:
   gssh connect -u user -h host [-p port] [-i key_path] [-P password] [--ask-pass]
   gssh disconnect [-s session_id]
   gssh reconnect [-s session_id]
-  gssh exec [-s session_id] [-S password | --ask-sudo-pass] "sudo command"
+  gssh exec [-s session_id] [-S password | --ask-sudo-pass] "command"
   gssh list
   gssh use <session_id>
-  gssh forward [-s session_id] -l local_port -r remote_port
+  gssh forward [-s session_id] -l local_port -r remote_port [-R]
   gssh forwards
   gssh forward-close <forward_id>
-  gssh scp [-s session_id] [-put|-get] <source> <dest>
-  gssh sftp [-s session_id] -c <command> -p <path>
-
-Note: For sudo commands, use key-based authentication or configure passwordless sudo.
+  gssh scp [-s session_id] -put <local> <remote>
+  gssh scp [-s session_id] -get <remote> <local>
+  gssh sftp [-s session_id] -c <ls|mkdir|rm> -p <path>
+  gssh -v, --version
 
 Options:
-  -socket path        Unix socket path (default: /tmp/gssh.sock)
+  -socket path         Unix socket path (default: /tmp/gssh.sock)
   -s session_id       Session ID
   -u user             Username
   -h host             Host
   -p port             Port (default: 22)
-  -P password         Password (or use --ask-pass for interactive input)
-  -i key_path        SSH key path
-  -S password        sudo password (for executing sudo commands)
-  --ask-sudo-pass    Interactively ask for sudo password
+  -P password         Password
+  -i key_path         SSH key path
+  -S password         sudo password
+  --ask-pass          Ask for password interactively
+  --ask-sudo-pass     Ask for sudo password interactively
   -l local            Local port
   -r remote           Remote port
-  -R                  Remote port forward
-  -put                Upload mode (local -> remote)
-  -get                Download mode (remote -> local)
+  -R                  Remote port forward (default: local)
+  -put                Upload (local -> remote)
+  -get                Download (remote -> local)
   -c command          SFTP command (ls, mkdir, rm)
   -p path             Path for SFTP command
-  --ask-pass          Interactively ask for SSH password (secure)
-  --ask-passphrase    Interactively ask for key passphrase (secure)`)
+  -v, --version       Show version
+
+Examples:
+  gssh connect -u admin -h 192.168.1.1 -P password
+  gssh exec "ls -la"
+  gssh forward -l 8080 -r 80
+  gssh forward -l 9000 -r 3000 -R
+  gssh scp -put local.txt /home/user/remote.txt
+  gssh sftp -c ls -p /home/user
+`, version)
 }
 
 // Restore terminal on exit

package/internal/client/ssh.go

@@ -103,7 +103,7 @@ func Connect(user, host string, port int, password, keyPath string) (*SSHClient,
 	return NewSSHClient(user, host, port, authMethods...)
 }
 
-// Exec executes a command on the remote host
+// Exec executes a command on the remote host using an interactive login shell
 func (c *SSHClient) Exec(cmd string) (string, string, int, error) {
 	session, err := c.Client.NewSession()
 	if err != nil {
@@ -111,7 +111,29 @@ func (c *SSHClient) Exec(cmd string) (string, string, int, error) {
 	}
 	defer session.Close()
 
-	output, err := session.CombinedOutput(cmd)
+	// Get terminal info for PTY
+	// Use default term if not available
+	termEnv := os.Getenv("TERM")
+	if termEnv == "" {
+		termEnv = "xterm-256color"
+	}
+
+	// Request PTY for interactive shell
+	termWidth := 80
+	termHeight := 24
+	if err := session.RequestPty(termEnv, termWidth, termHeight, ssh.TerminalModes{
+		ssh.ECHO:          1,
+		ssh.TTY_OP_ISPEED: 14400,
+		ssh.TTY_OP_OSPEED: 14400,
+	}); err != nil {
+		return "", "", 0, fmt.Errorf("failed to request PTY: %w", err)
+	}
+
+	// Execute command using login shell to load user config files (.zprofile, .bash_profile, etc.)
+	// Using -l for login shell, -c to execute command
+	fullCmd := fmt.Sprintf("/bin/zsh -l -c %q", cmd)
+
+	output, err := session.CombinedOutput(fullCmd)
 	if err != nil {
 		exitErr, ok := err.(*ssh.ExitError)
 		if ok {

package/internal/portforward/forwarder.go

@@ -3,6 +3,7 @@ package portforward
 import (
 	"fmt"
 	"io"
+	"log"
 	"net"
 	"sync"
 
@@ -16,12 +17,12 @@ type Forwarder struct {
 	LocalPort  int
 	RemotePort int
 
-	sshClient  *ssh.Client
-	listener   net.Listener
-	conns      map[net.Conn]bool
-	mu         sync.RWMutex
-	closed     bool
-	wg         sync.WaitGroup
+	sshClient *ssh.Client
+	listener  net.Listener
+	conns     map[net.Conn]bool
+	mu        sync.RWMutex
+	closed    bool
+	wg        sync.WaitGroup
 }
 
 // NewForwarder creates a new port forwarder
@@ -42,6 +43,10 @@ func NewForwarder(sshClient *ssh.Client, forwardType string, localPort, remotePo
 			return nil, fmt.Errorf("failed to listen on %s: %w", addr, err)
 		}
 		f.listener = listener
+		log.Printf("[portforward] Local forward: localhost:%d -> remote:%d", localPort, remotePort)
+	} else if forwardType == "remote" {
+		// Remote port forward: remote:remotePort -> localhost:localPort
+		log.Printf("[portforward] Remote forward: remote:%d -> localhost:%d", remotePort, localPort)
 	}
 
 	return f, nil
@@ -51,7 +56,7 @@ func NewForwarder(sshClient *ssh.Client, forwardType string, localPort, remotePo
 func (f *Forwarder) Start() {
 	if f.Type == "local" {
 		f.startLocalForward()
-	} else {
+	} else if f.Type == "remote" {
 		f.startRemoteForward()
 	}
 }
@@ -98,13 +103,18 @@ func (f *Forwarder) handleLocalConnection(localConn net.Conn) {
 		f.mu.Unlock()
 	}()
 
+	log.Printf("[portforward] Connection accepted from %s", localConn.RemoteAddr())
+
 	remoteAddr := fmt.Sprintf("localhost:%d", f.RemotePort)
 	remoteConn, err := f.sshClient.Dial("tcp", remoteAddr)
 	if err != nil {
+		log.Printf("[portforward] Failed to connect to remote %s: %v", remoteAddr, err)
 		return
 	}
 	defer remoteConn.Close()
 
+	log.Printf("[portforward] Tunnel established to remote %s", remoteAddr)
+
 	// Bidirectional copy
 	done := make(chan struct{})
 	go func() {
@@ -119,14 +129,34 @@ func (f *Forwarder) handleLocalConnection(localConn net.Conn) {
 }
 
 // startRemoteForward handles remote port forwarding
+// Remote port forward: remote:remotePort -> localhost:localPort
 func (f *Forwarder) startRemoteForward() {
-	// Remote port forwarding: remote:remotePort -> localhost:localPort
 	f.wg.Add(1)
 	go func() {
 		defer f.wg.Done()
 
-		// Request the server to forward remote port
-		// This is a simplified implementation
+		// Request the SSH server to listen on remote:remotePort and forward connections to us
+		// Payload format: string (address) + uint32 (port)
+		addr := fmt.Sprintf(":%d", f.RemotePort)
+		payload := ssh.Marshal(struct {
+			Addr string
+			Port uint32
+		}{Addr: addr, Port: uint32(f.RemotePort)})
+
+		ok, _, err := f.sshClient.SendRequest("tcpip-forward", true, payload)
+		if err != nil {
+			log.Printf("[portforward] Failed to send tcpip-forward request: %v", err)
+			return
+		}
+		if !ok {
+			log.Printf("[portforward] SSH server rejected tcpip-forward request for port %d", f.RemotePort)
+			return
+		}
+
+		log.Printf("[portforward] Remote forward: SSH server listening on port %d", f.RemotePort)
+
+		// Now we need to accept forwarded connections from the SSH server
+		// The SSH server will open a "forwarded-tcpip" channel for each connection
 		for {
 			f.mu.RLock()
 			if f.closed {
@@ -135,9 +165,46 @@ func (f *Forwarder) startRemoteForward() {
 			}
 			f.mu.RUnlock()
 
-			// Wait for connections on remote side
-			// In practice, SSH server handles this
-			// This would need SSH channel forwarding
+			// Wait for a forwarded connection
+			ch, reqs, err := f.sshClient.OpenChannel("forwarded-tcpip", nil)
+			if err != nil {
+				f.mu.RLock()
+				closed := f.closed
+				f.mu.RUnlock()
+				if closed {
+					return
+				}
+				log.Printf("[portforward] Error accepting forwarded connection: %v", err)
+				continue
+			}
+
+			// Discard any requests
+			go ssh.DiscardRequests(reqs)
+
+			// Connect to local port
+			localAddr := fmt.Sprintf("localhost:%d", f.LocalPort)
+			localConn, err := net.Dial("tcp", localAddr)
+			if err != nil {
+				log.Printf("[portforward] Failed to connect to local port %d: %v", f.LocalPort, err)
+				ch.Close()
+				continue
+			}
+
+			f.mu.Lock()
+			f.conns[localConn] = true
+			f.mu.Unlock()
+
+			log.Printf("[portforward] Remote connection forwarded to localhost:%d", f.LocalPort)
+
+			// Bidirectional copy
+			go func() {
+				io.Copy(ch, localConn)
+				ch.Close()
+				localConn.Close()
+			}()
+			go func() {
+				io.Copy(localConn, ch)
+			}()
 		}
 	}()
 }
@@ -175,13 +242,15 @@ func (f *Forwarder) Restart(sshClient *ssh.Client) {
 		f.listener.Close()
 	}
 
-	// Create new listener
-	addr := fmt.Sprintf("localhost:%d", f.LocalPort)
-	listener, err := net.Listen("tcp", addr)
-	if err != nil {
-		return
+	if f.Type == "local" {
+		// Create new listener
+		addr := fmt.Sprintf("localhost:%d", f.LocalPort)
+		listener, err := net.Listen("tcp", addr)
+		if err != nil {
+			return
+		}
+		f.listener = listener
 	}
-	f.listener = listener
 
 	f.Start()
 }

package/internal/session/manager.go

@@ -2,6 +2,7 @@ package session
 
 import (
 	"fmt"
+	"strings"
 	"sync"
 	"time"
 
@@ -10,6 +11,7 @@ import (
 	"gssh/internal/protocol"
 
 	"github.com/google/uuid"
+	"golang.org/x/crypto/ssh"
 )
 
 // Manager manages SSH sessions
@@ -23,17 +25,17 @@ type Manager struct {
 
 // ManagedSession wraps a session with additional state
 type ManagedSession struct {
-	ID        string
-	Host      string
-	User      string
-	Port      int
-	Status    string
-	Password  string
-	KeyPath   string
-	SSHClient *client.SSHClient
-	LastCmd   string
-	Forwards  map[string]*portforward.Forwarder
-	mu        sync.RWMutex
+	ID                 string
+	Host               string
+	User               string
+	Port               int
+	Status             string
+	Password           string
+	KeyPath            string
+	SSHClient          *client.SSHClient
+	LastCmd            string
+	Forwards           map[string]*portforward.Forwarder
+	mu                 sync.RWMutex
 }
 
 // NewManager creates a new session manager
@@ -44,6 +46,54 @@ func NewManager() *Manager {
 	}
 }
 
+// needsShell returns true if the command needs to be executed through a shell
+func needsShell(cmd string) bool {
+	// Check for heredoc
+	if strings.Contains(cmd, "<<") {
+		return true
+	}
+
+	// Check for newlines (multi-line commands)
+	if strings.Contains(cmd, "\n") {
+		return true
+	}
+
+	// Check for pipe
+	if strings.Contains(cmd, " | ") {
+		return true
+	}
+
+	// Check for redirection
+	if strings.ContainsAny(cmd, "><") {
+		// Make sure it's not in a string context
+		if strings.Contains(cmd, ">") || strings.Contains(cmd, "<") {
+			return true
+		}
+	}
+
+	// Check for logical operators
+	if strings.Contains(cmd, " && ") || strings.Contains(cmd, " || ") {
+		return true
+	}
+
+	// Check for background execution
+	if strings.HasSuffix(strings.TrimSpace(cmd), "&") {
+		return true
+	}
+
+	// Check for command substitution
+	if strings.Contains(cmd, "$(") || strings.Contains(cmd, "`") {
+		return true
+	}
+
+	// Check for environment variables (but not $$ which is PID)
+	if strings.Contains(cmd, "${") || (strings.Contains(cmd, "$") && !strings.Contains(cmd, "$$")) {
+		return true
+	}
+
+	return false
+}
+
 // Connect creates a new SSH session
 func (m *Manager) Connect(user, host string, port int, password, keyPath string) (*protocol.Session, error) {
 	m.mu.Lock()
@@ -180,23 +230,49 @@ func (m *Manager) Exec(sessionID, command string) (*protocol.ExecResult, error)
 	}
 
 	ms.mu.RLock()
-	defer ms.mu.RUnlock()
-
 	if ms.SSHClient == nil {
+		ms.mu.RUnlock()
 		return nil, fmt.Errorf("session not connected")
 	}
+	ms.mu.RUnlock()
 
-	stdout, stderr, exitCode, err := ms.SSHClient.Exec(command)
-	if err != nil && exitCode == 0 {
-		return nil, err
+	// 复用 SSH 连接，创建新的 session 执行命令
+	session, err := ms.SSHClient.Client.NewSession()
+	if err != nil {
+		return nil, fmt.Errorf("failed to create session: %w", err)
 	}
+	defer session.Close()
 
-	ms.LastCmd = command
+	// 检测是否需要通过 shell 执行
+	fullCmd := command
+	if needsShell(command) {
+		fullCmd = fmt.Sprintf("/bin/zsh -c %q", command)
+	}
+
+	output, err := session.CombinedOutput(fullCmd)
+	if err != nil {
+		exitErr, ok := err.(*ssh.ExitError)
+		if ok {
+			ms.LastCmd = command
+			return &protocol.ExecResult{
+				Stdout:   string(output),
+				Stderr:   "",
+				ExitCode: exitErr.ExitStatus(),
+			}, nil
+		}
+		ms.LastCmd = command
+		return &protocol.ExecResult{
+			Stdout:   string(output),
+			Stderr:   "",
+			ExitCode: 0,
+		}, nil
+	}
 
+	ms.LastCmd = command
 	return &protocol.ExecResult{
-		Stdout:   stdout,
-		Stderr:   stderr,
-		ExitCode: exitCode,
+		Stdout:   string(output),
+		Stderr:   "",
+		ExitCode: 0,
 	}, nil
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gssh-agent",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "SSH Session Manager for Agents - Stateless SSH client with SFTP support",
   "bin": {
     "gssh": "./bin/gssh",

package/skill.md

@@ -7,19 +7,18 @@ triggers:
   - ssh session
   - ssh 连接
   - ssh 管理
+  - sftp
+  - scp 文件传输
 ---
 
-## 快速开始
+## 连接认证
 
 ```bash
-# 连接 SSH（交互式输入密码）
-gssh connect -u admin -h 192.168.1.100 --ask-pass
+# 使用密码
+gssh connect -u user -h host -p password
 
-# 执行命令
-gssh exec "ls -la"
-
-# 断开连接
-gssh disconnect
+# SSH 密钥
+gssh connect -u user -h host -i ~/.ssh/id_rsa
 ```
 
 ## 核心命令
@@ -28,33 +27,70 @@ gssh disconnect
 |------|------|
 | `connect` | 建立 SSH 连接 |
 | `exec` | 执行命令 |
-| `scp` | 文件传输（上/下载） |
+| `scp` | 文件传输 |
 | `sftp` | SFTP 操作 |
 | `forward` | 端口转发 |
 | `list` | 列出 session |
+| `use` | 切换默认 session |
 
-## 认证
+## 执行命令
 
 ```bash
-# 交互式密码（推荐）
-gssh connect -u user -h host --ask-pass
+# 普通命令
+gssh exec "ls -la"
 
-# SSH 密钥
-gssh connect -u user -h host -i ~/.ssh/id_rsa
+# sudo 命令
+gssh exec -S password "sudo systemctl restart nginx"
 ```
 
-## sudo 命令
+## 文件传输
 
 ```bash
-gssh exec --ask-sudo-pass "sudo apt update"
+# 上传本地 -> 远程
+gssh scp -put local.txt /remote/path/
+
+# 下载远程 -> 本地
+gssh scp -get /remote/file.txt ./
+
+# SFTP 目录操作
+gssh sftp -c ls -p /home/user
+gssh sftp -c mkdir -p /home/user/newdir
+gssh sftp -c rm -p /home/user/file.txt
 ```
 
-## 文件传输
+## 端口转发
 
 ```bash
-# 上传
-gssh scp -put local.txt /remote/path/
+# 本地转发: localhost:8080 -> remote:80
+gssh forward -l 8080 -r 80
 
-# 下载
-gssh scp -get /remote/file.txt ./
+# 远程转发: remote:9000 -> localhost:3000
+gssh forward -R -l 9000 -r 3000
 ```
+
+## Session 管理
+
+```bash
+gssh list                    # 列出所有 session
+gssh use <session-id>        # 切换默认 session
+gssh disconnect             # 断开
+gssh reconnect -s <id>     # 重连
+```
+
+## 选项汇总
+
+| 选项 | 说明 |
+|------|------|
+| `-s` | session ID |
+| `-u` | 用户名 |
+| `-h` | 主机地址 |
+| `-p` | 端口（默认 22） |
+| `-P` | SSH 密码 |
+| `-i` | SSH 密钥 |
+| `-l` | 本地端口 |
+| `-r` | 远程端口 |
+| `-R` | 远程端口转发 |
+| `-put/-get` | 上传/下载 |
+| `-S` | sudo 密码 |
+| `--ask-pass` | 交互输入 SSH 密码 |
+| `--ask-sudo-pass` | 交互输入 sudo 密码 |