Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Postpone ssh config parsing file when connecting to device for doing … #812

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from

Conversation

FloLaco
Copy link

@FloLaco FloLaco commented Nov 7, 2022

Related Issue

Fixes ronf/asyncssh#520

Description

When using variables in ssh config file like %h or %p, asyncssh is doing token substitution with host address and port. But since suzieq is creating an asyncssh options before trying to connect to device, asyncssh is not aware about host and port info.

Type of change

  • Bug fix (non-breaking change which fixes an issue)

New Behavior

The goal is to postpone ssh config file parsing at the asyncssh.connect() time, where host and port is known.
There is another way, explained in the comments section.

...

Contrast to Current Behavior

Actually, when building the options, substitution look like this : nc -X 5 -x 127.0.0.1:2226 '' 22
Instead of nc -X 5 -x 127.0.0.1:2226 X.X.X.X 22
...

Discussion: Benefits and Drawbacks

It's very usefull for supporting multiplexing ssh session with OpenSSH options without adding such feature to suzieq

...

Proposed Release Note Entry

  • Fix asyncssh OpenSSH token substitution (%h, %p) by postponing parsing ssh config file.

...

Comments

There's two way to fix this issue, the other way is to provide host and port information to asyncssh when building ssh options. I tested both and it works, but I prefer the way to postpone config parsing in the asyncssh.connect() call instead of doing parsing before and pass the result to asyncssh.connect().

Second way like this :

        if self.ssh_config_file:
            options = asyncssh.SSHClientConnectionOptions(
                host=self.address,
                port=self.port,
                options=options,
                config=[self.ssh_config_file],
            )

Example of ssh config file :

host  jumpserver
   IdentityFile   /home/suzieq/parquet/ssh_cred_conf/id_rsa
   IdentitiesOnly   yes
   user   username
   hostname   Y.Y.Y.Y
   Protocol  2
   Port  22
   StrictHostKeyChecking   no
   DynamicForward 127.0.0.1:2226

host * !jumpserver
   Protocol  2
   StrictHostKeyChecking  no
   ProxyCommand nc -X 5 -x 127.0.0.1:2226 %h %p

Double Check

  • I have read the comments and followed the CONTRIBUTING.md.
  • I have explained my PR according to the information in the comments or in a linked issue.
  • My PR source branch is created from the develop branch.
  • My PR targets the develop branch.
  • All my commits have --signoff applied

…token substitution at that time

Signed-off-by: Florian LACOMMARE <[email protected]>
Copy link
Contributor

@claudiolor claudiolor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the contribution! I left a comment which should be addressed before merging:

@@ -573,7 +568,8 @@ async def _init_jump_host_connection(
)
self._tunnel = await asyncssh.connect(
self.jump_host, port=self.jump_port,
options=jump_host_options, username=self.jump_user)
options=jump_host_options, username=self.jump_user,
config=[self.ssh_config_file])
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This won't work if no ssh config file is provided as we would pass a list containing None to the connect() function, causing it to fail.
I suggest to directly provide the string and, if empty or None, an empty tuple (as according to the docs explicitly passing None, asyncssh won't get the default configuration in .ssh/config).

Suggested change
config=[self.ssh_config_file])
config=self.ssh_config_file or ())

@@ -729,7 +720,8 @@ async def _ssh_connect(self):
self.address,
username=self.username,
port=self.port,
options=options)
options=options,
config=[self.ssh_config_file])
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As the comment before:

Suggested change
config=[self.ssh_config_file])
config=self.ssh_config_file or ())

@ryanmerolle
Copy link
Contributor

Is this something still useful?

@ddutt
Copy link
Member

ddutt commented Jun 19, 2024

Is this something still useful?

Not sure, no one's ever asked for this but this user, and since the method he was pursuing was not a scalable answer, and he didn't address the comments, we haven't merged it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

ProxyCommand %h not replaced
4 participants