Show HN: ssh chat.shazow.net

171 points by shazow ↗ HN
Hi HN,

I wrote a custom SSH server in Go, give it a try. It uses your terminal user and SSH keys to authenticate implicitly. Instead of getting a shell, you get an IRC-style chatroom with everyone else.

  $ ssh chat.shazow.net
If you're getting "Permission denied (publickey)", please use ssh-keygen to create a keypair. Instructions here: https://help.github.com/articles/generating-ssh-keys/

SSH is a really cool protocol; it's a lot like HTTP2. This is a demo of one thing you can do with it, but I plan to factor out the code into libraries that will let you build all kinds of experiences that can be used with any SSH client.

The source code is here: https://github.com/shazow/ssh-chat

(Should be reasonably stable and handle thousands of connections, but apologies in advance if it crashes: Try to reconnect in a minute.)

47 comments

[ 5.2 ms ] story [ 112 ms ] thread
this is really cool even if you're all jerks.
I know, right? I got silenced on my own server.

<3

Got kicked out for not saying anything for 5 minutes. Kind of a bummed :) Would be nice to see if that was an auto-kick by the server, or someone actually kicked me out for kicks. There was no info other than [disconnected by remote server].
Nah, that's just the server restarting. :) There's a bug where it hangs sometimes, haven't quite figured it out.
Its because of the memory usage, I'll try fixing it tomorrow
How can you tell it's memory?

As far as I can tell, the RSS memory usage of the process has never gone above 15mb.

Well then it sounds like a viable competitor to IRC!
I just hope everyone is a gentleman like me and trolls are promptly dealt with.
Reminds me of the good old days of telechat. I was wondering if there was a way to set up a "login" free SSH server, glad someone else figured it out :)
:D Yea, the protocol certainly allows for it. Glad you like it.
Cool!

Can you hook a full ncurses up to this?

Going by my input lag, it looks like all keypresses are sent to the server, can you implement readline somehow or can i configure SSH to buffer input locally? Cook terminal mode or something?

What's pty.go used for?

If i write a line that's longer than my terminal width, it wraps onto a second line, but new incoming messages obscure the first line

> Can you hook a full ncurses up to this?

Yup! Any ncurses thing should work great. I couldn't find a golang curses lib that doesn't hardcode to stdout except for crypto/ssh/terminal, but it's fairly limited.

> Going by my input lag, it looks like all keypresses are sent to the server, can you implement readline somehow or can i configure SSH to buffer input locally? Cook terminal mode or something?

I believe that's up to your ssh client. There are things like https://mosh.mit.edu/ which try to mask the latency.

> What's pty.go used for?

For bootstrapping the pty request/response. :)

> If i write a line that's longer than my terminal width, it wraps onto a second line, but new incoming messages obscure the first line

Yea, there's a bug with long line reflow, not sure how to fix it. :(

You could probably write raw ANSI escape sequences -- they're essentially universal by this point. http://en.wikipedia.org/wiki/ANSI_escape_code

ncurses is overkill nowadays when everything is a (VT100) emulator.

>> If i write a line that's longer than my terminal width, it wraps onto a second line, but new incoming messages obscure the first line > Yea, there's a bug with long line reflow, not sure how to fix it. :(

This is a bug we had in the hoon chat client on Urbit that has seen various iterations of fixed, not that this is at all helpful, because it is written in hoon it will probably seem like line noise even if I could bisect and show you the commits that fixed it for urbit... But if you want to come to chat on ~doznec, there are about half a dozen people who can translate hoon and probably can explain in plain English what the fix looks like.

Have you implemented the binary protocol? Where did you get the protocol specification from?
It's using Go's crypto/ssh from the standard library.
Ahh okay. So it isn't implemented on this specification: https://tools.ietf.org/html/rfc4253 Regardless it seems cool.
The Go SSH library implements that RFC. That's why you can use and standard SSH client to connect.
Why not tunnel IRC through this and get all the benefits of a seasoned IRC server?
This should be called "SIRC" ^_^ If anyone else has "Permission denied" run this command: ssh-keygen -t rsa -f ~/.ssh/id_rsa
Reminds me of the old ircii days. Very basic client, I like it!
A not-so-subtle reminder to people who are "curious" and want to break things:

It's open source. Install it locally and break it to your heart's content. If you're flooding the public server, you're just ruining it for everyone else.

Yes, there are no spam controls. Yes, there are bugs. This thing was built in a couple of days on my free time, and here I am sharing it with you. Please find bugs locally, fix them, and send a pull request.

Enjoy. :)

Awesome work. I love it. I really think that this sort of thing could be extremely useful in some specific cases, for example for internal communication from sysadmins in enterprise setups. Imagine if it could be integrated along with the shell, say in an ncurses split window or something like this. There's so much potential.

Great work!

Doesn't work with SSHInATab - I can connect (after adding a keypair) but the things I type don't show up :'(
A little warning: You should turn off SSH Agent Forwarding for this host. Otherwise it may use your SSH Keys to auth to other servers you connect to via SSH, e.g. GitHub git access etc.

You can either disable it for a particular session via -a argument:

  $ ssh -a chat.shazow.net
Or permanently for this host in ~/.ssh/config:

  Host chat.shazow.net
    ForwardAgent no
That sounds like a fun hack, thanks! Wonder if it will work, will play with it later. :) Do any clients have it on by default?

(If you'd like to take my word for it, I have no intention on doing this on chat.shazow.net)

if you use an agent, you can turn on confirmation for usage of the key with "ssh-add -c" it will prompt using SSH_ASK_PASS... I always do that and i think its always a good measure. of course always turning on agent forwarding is non the less a bad idea :D
Add some ANSI color, a message board section, stir, and you've got a BBS! k-rad!
Username "dump" flooded the server. Service is dead until restart.
(comment deleted)
Very interesting, although it seems to be broken at the moment. It connects and then just kind of hangs (connecting with the latest SSH client in arch). It's a cool concept though.
Some people are spamming the chat room which increases the memory usage and causes the 'hanging'

The server is restarted every hour so you should be able to access it in a while.

The flood control feature has been added, we are waiting for shazow to wake up and update the binary.