Fix ssh-config short-lived-cert for subpath-ed hostnames

Fixes https://github.com/cloudflare/cloudflared/issues/923
2023-04-04 13:25:27 +08:00 · 2023-04-04 13:25:27 +08:00 · 653bf87197
parent 39ed5dc182
commit 653bf87197
1 changed files with 4 additions and 3 deletions
--- a/cmd/cloudflared/access/cmd.go
+++ b/cmd/cloudflared/access/cmd.go
@ -40,8 +40,8 @@ Add to your {{.Home}}/.ssh/config:
 {{- if .ShortLivedCerts}}
 Match host {{.Hostname}} exec "{{.Cloudflared}} access ssh-gen --hostname %h"
  ProxyCommand {{.Cloudflared}} access ssh --hostname %h
-  IdentityFile ~/.cloudflared/%h-cf_key
-  CertificateFile ~/.cloudflared/%h-cf_key-cert.pub
+  IdentityFile ~/.cloudflared/{{.SSHCertFilePath}}-cf_key
+  CertificateFile ~/.cloudflared/{{.SSHCertFilePath}}-cf_key-cert.pub
 {{- else}}
 Host {{.Hostname}}
  ProxyCommand {{.Cloudflared}} access ssh --hostname %h
@ -365,10 +365,11 @@ func sshConfig(c *cli.Context) error {
 		ShortLivedCerts bool
 		Hostname        string
 		Cloudflared     string
+		SSHCertFilePath string
 	}

 	t := template.Must(template.New("sshConfig").Parse(sshConfigTemplate))
-	return t.Execute(os.Stdout, config{Home: os.Getenv("HOME"), ShortLivedCerts: genCertBool, Hostname: hostname, Cloudflared: cloudflaredPath()})
+	return t.Execute(os.Stdout, config{Home: os.Getenv("HOME"), ShortLivedCerts: genCertBool, Hostname: hostname, Cloudflared: cloudflaredPath(), SSHCertFilePath: token.GenerateSSHCertFilePathFromURL(url.Parse(ensureURLScheme(hostname)), sshgen.keyName)})
 }

 // sshGen generates a short lived certificate for provided hostname