Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fabric incorrectly treats a failed connection as an authentication failure when using a gateway. #1542

Closed
wcs1only opened this issue Dec 17, 2016 · 1 comment
Closed

Fabric incorrectly treats a failed connection as an authentication failure when using a gateway. #1542

wcs1only opened this issue Dec 17, 2016 · 1 comment

Comments

@wcs1only
Copy link

wcs1only commented Dec 17, 2016
edited

When connecting through a gateway, fabric will treat a connection failure as an auth failure and give a password prompt (even when using keyed auth).

You can easily reproduce this issue with the following program:

from fabric.api import *

@task
def reboot_host():
    sudo('whoami')
    reboot(wait=3600)
    sudo('whoami')

Connecting to a host directly and running this task gives

a45e60c70e75:test stwillar$ fab reboot_host
[****.us-west-2.compute.amazonaws.com] Executing task 'reboot_host'
[****.us-west-2.compute.amazonaws.com] sudo: whoami
[****.us-west-2.compute.amazonaws.com] out: sudo password: 

[****.us-west-2.compute.amazonaws.com] out: root
[****.us-west-2.compute.amazonaws.com] out: 

[****.us-west-2.compute.amazonaws.com] out: sudo password:
[****.us-west-2.compute.amazonaws.com] out: 
[****.us-west-2.compute.amazonaws.com] sudo: whoami
[****.us-west-2.compute.amazonaws.com] out: sudo password:
[****.us-west-2.compute.amazonaws.com] out: root
[****.us-west-2.compute.amazonaws.com] out:

This same task, run through a gateway gives the following output:

a45e60c70e75:test stwillar$ fab -g ****.us-west-2.compute.amazonaws.com reboot_host
[****.us-west-2.compute.amazonaws.com] Executing task 'reboot_host'
[****.us-west-2.compute.amazonaws.com] sudo: whoami
[****.us-west-2.compute.amazonaws.com] out: sudo password: 

[****.us-west-2.compute.amazonaws.com] out: root
[****.us-west-2.compute.amazonaws.com] out: 

[****.us-west-2.compute.amazonaws.com] out: sudo password:
[****.us-west-2.compute.amazonaws.com] out: 
No handlers could be found for logger "paramiko.transport"
[****.us-west-2.compute.amazonaws.com] Login password for 'ec2-user': 
[****.us-west-2.compute.amazonaws.com] Login password for 'ec2-user': 
[****.us-west-2.compute.amazonaws.com] Login password for 'ec2-user': 
[****.us-west-2.compute.amazonaws.com] Login password for 'ec2-user':

It will continue to loop asking for the password until the host comes back. I did some digging and found that the issue is because paramiko gives a ChannelException when the gateway fails to connect to the remote host. Fabric treats this as a generic SSHException which will in turn cause a reauthentication attempt. I wrote a unit test that reproduces the issue, and a patch that fixes it.

A pull request will follow shortly.
wcs1only pushed a commit to wcs1only/fabric that referenced this issue Dec 17, 2016
Fixes fabric#1542 raise NetworkError on ChannelException
f2351c9
@bitprophet bitprophet mentioned this issue Dec 19, 2016
Closed
@bitprophet
Copy link
Member

Merging with the PR.

bitprophet pushed a commit that referenced this issue Apr 24, 2017
@bitprophet
Fixes #1542 raise NetworkError on ChannelException
02c2b58
bitprophet added a commit that referenced this issue Apr 24, 2017
@bitprophet
Changelog closes #1542, closes #1543
f675cd1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bitprophet @wcs1only