tsh: Implement puttyconfig command to add saved PuTTY sessions to Windows registry

[webvictim]

This is an implementation of support for a tsh puttyconfig [user@]host command which will automatically add saved PuTTY sessions to the local Windows registry to make it easy to connect to a named Teleport host.

The added session runs tsh proxy ssh locally to get an authenticated tunnel to the proxy which means PuTTY can neatlly handle auto-relogin and TLS routing etc. The session is configured to authenticate using the ephemeral .ppk file which has been automatically generated and stored in the user's .tsh directory when running tsh login on Windows hosts since v10.0.1.

Every host also has its public host key configured in the registry based on the proxy's hostname, using wildcards when an FQDN is provided or individual hostnames otherwise.

I've tested this on three different clusters (one self-hosted using separate ports, one self-hosted using TLS routing, one Teleport cloud) with a combination of various different users and hostnames and found it to work well in all cases. tsh proxy ssh is doing most of the heavy lifting - this is PR mostly just registry wrangling.

Benefits:

• Writes to HKEY_CURRENT_USER, so no admin access should be needed
• Easily scriptable (for HOST in host1 host2 host; do tsh puttyconfig user@$HOST; done)

Caveats:

• Leaf clusters aren't currently supported Leaf clusters are now supported.
  • I don't think they're prohibitively difficult to add, but this PR has taken far too long to write already
• Re-running the tsh puttyconfig command will overwrite any changes to any of the ~10 values the command touches
  • any other custom changes like window/font size etc should be preserved, however
• I originally wanted to implement this as tsh config --putty [user@]host, but unfortunately our fork of Kingpin is too old to allow default arguments/commands, this seems like the next best way
• There are no tests at the moment, as I'm really not sure where to start... There's no tests for the Windows registry stuff, but the PuTTY hostname/CA logic is tested.

Login and setup:

Session list:

Connected session:

Active session in Teleport:

Registry values added:

Host key settings:

All comments and feedback welcome. I'm curious about what/how I should test and any better ways to handle the registry abstractions.

[webvictim]

@zmb3 @timothyb89 This should be ready for review now. Please feel free to add other reviewers or suggest improvements :)

[webvictim]

Thanks for the initial review @zmb3.

I would like to try and find a way to test the registry methods without requiring the code to run on a Windows box or actually writing to the registry. My best guess is that I could move all the related code to a registry package under utils, then try and find a way to make the registry-calling methods take a parameter that's not a registry.Key, but instead some kind of func or struct that I can mock up and replace with a fake registry.

Any suggestions gratefully received.

[zmb3]

A few stylistic comments, nothing major.

[webvictim]

Note: this currently contains @rosstimothy's commit 59c5570 which fixes the broken Windows builds. I'll rebase to remove that when #28357 is merged.

Depends on #28357

Edit: Now rebased

[jakule]

I was just curious, but the answer was quite educating: https://chat.openai.com/share/0898d082-ba3a-489e-a71c-83e84cbd3657

[webvictim]

This was actually really interesting; I'd never thought of using ChatGPT to explain or validate regex. It also gave me ideas for a few more test cases.

Unfortunately...

panic: regexp: Compile(`^(?:(?:(?:[a-zA-Z0-9](?:[a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?)\.){1,126}(?:[a-zA-Z0-9](?:[a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?))$`): error parsing regexp: invalid repeat count: `{1,126}`

Maybe being naive is a good thing?!