Resolve ssh hostname aliases before running ssh-keyscan #889
+355
−12
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lox
reviewed
Jan 10, 2019
Co-Authored-By: ticky <hello@jessicastokes.net>
lox
reviewed
Jan 10, 2019
Co-Authored-By: ticky <hello@jessicastokes.net>
|
This looks awesome @ticky! I was wondering when that github alias stuff would bite us. |
|
I’m sort of delighted that my new code has basically not needed an edit, it was only supporting stuff and tests 😃 |
|
You are also the first other human to use |
|
Looks good to go to me @ticky! |
ticky
commented
Jan 10, 2019
| return fmt.Sprintf("%s:%s", hostname, port) | ||
| } | ||
|
|
||
| // if we got here, either the `-G` flag was unsupported, or ssh -G |
There was a problem hiding this comment.
I wonder if we should emit a warning here… 🧐
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a PoC to improve compatibility with ssh aliases which don’t conform to our special-casing behaviour.
For any incoming ssh host, this asks
sshfor what host it will connect to. This allowsssh-keyscanto connect to that host, rather than whatever the alias name is, which may or may not match.It also supersedes the older behaviour wherein our special-case aliases were stripped, and on agents which are already correctly configured, should work the same.
I haven’t been able to get the test suite working to confirm this works, but I figured putting the sketch up would be better than doing nothing! 😃I’ve updated this to pass, and add new, tests, and it’s looking good!
For reference,
ssh -Gappears to have been added in OpenSSH in 6.0 (released April 22, 2012, sadly no source link as this took gripping multiple tgz files to bisect), but it appears to be turned off in some OS’ distributions of 6.x (one of our virtual servers is running a version from 2014, but it’s missing) so the existence of the fallback remains potentially important.