Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for SSH certificate file in Node class #973

Open
wants to merge 6 commits into
base: develop
Choose a base branch
from
Open

Add support for SSH certificate file in Node class #973

wants to merge 6 commits into from
+39 −37

Conversation

rnwolfe
Copy link

@rnwolfe rnwolfe commented Jan 30, 2025
edited
Loading

i will fill this out further, but wanted to open PR for viewing outside of myself

Test inclusion requirements

In case the PR contains an enhancement or a new platform/service support, some tests have to be added for the new functionality:

  • any fix or enhancement SHOULD include relevant new tests or test updates, if any tests need updating.
  • a new platform support MUST include the relevant input files similar to what we have in tests/integration/sqcmds/-input directories, along with the relevant tests in the tests/integration/sqcmds/-samples dir. That list MUST include the all.yml file fully filled out.
  • any new service (or table) addition MUST include comments about what network OS are supported (along with version) with this command along with test samples for those platforms and input files in the *-input dir

For additional information about tests, follow this link

Related Issue

Fixes #972

Description

Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change.

Type of change

Please delete options that are not relevant.

Adds support for cert-based ssh auth

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)

New Behavior

...

Contrast to Current Behavior

...

Discussion: Benefits and Drawbacks

...

Changes to the Documentation

...

Proposed Release Note Entry

...

Comments

Include additional comments about the this pull request

Double Check

  • I have read the comments and followed the CONTRIBUTING.md.
  • I have explained my PR according to the information in the comments or in a linked issue.
  • My PR source branch is created from the develop branch.
  • My PR targets the develop branch.
  • All my commits have --signoff applied

rnwolfe and others added 6 commits January 30, 2025 16:31
@rnwolfe
Add support for SSH certificate file in Node class
abcd7c0
@LucaNicosia
Dockerfile-sqbase: update base to python:3.9.21-slim
712c9a1 
Signed-off-by: LucaNicosia <[email protected]>
@LucaNicosia
Dockerfile: update PATH env variable to python3.9
0def87f 
Signed-off-by: LucaNicosia <[email protected]>
@LucaNicosia
pyproject: update uvicon to ^0.15.0
e565a67 
Signed-off-by: LucaNicosia <[email protected]>
@LucaNicosia
update requirements.txt
d89f2aa 
Signed-off-by: LucaNicosia <[email protected]>
Refactor SSH key and passphrase handling in Node class
6922031 
- Remove direct handling of SSH key and passphrase decrypt for both primary and jump host connections
- Move ssh key and passphrase handling to asynchssh
- Update asyncssh options configuration for more flexible SSH authentication
@rnwolfe
Copy link
Author

rnwolfe commented Jan 31, 2025

I had rebased my PR on top of #974, so may need to do some git-fu here before merge.

The latest change in rnwolfe@6922031 does fix by removing pvt key handling and offloading that to the asyncssh logic which handles it more robustly.

This worked in my environment with ~9 cert-based auth linux nodes.

@rnwolfe rnwolfe marked this pull request as ready for review January 31, 2025 20:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug]: certificate-based ssh authentication doesn't work
2 participants
@rnwolfe @LucaNicosia