New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

env.gateway doesn't honor the content of env.passwords #884

Closed
mnencia opened this Issue Apr 9, 2013 · 6 comments

Comments

Projects
None yet
6 participants
@mnencia

mnencia commented Apr 9, 2013

The fabric.network.connect(user, host, port) function uses the function fabric.auth.get_password() to retrieve the password, and that function always return the password related to the current env.host_string.

This approach works with only one one level of connections, but when you use a env.gateway setting, the first connect host parameter will match the env.host_string content, so it will retrieve the wrong password.

Example:

from fabric.api import *

@task(default=True)
@hosts('user@host')
@with_settings(
    no_keys=True,
    gateway='gwuser@gwhost',
    passwords={
        'user@host':'pass',
        'gwuser@gwhost':'gwpass',
        }
)
def run():
    run('uname -n')

This will end to a try to log on 'gwuser@gwhost' using 'pass' as password instead of 'gwpass'.

@bitprophet

This comment has been minimized.

Member

bitprophet commented May 27, 2013

Thanks for the report, I acknowledge the issue. Seems easy to fix by switching get/set_password to take explicit user/host/port arguments instead of relying on shared state. Testing that change now.

@bitprophet

This comment has been minimized.

Member

bitprophet commented May 27, 2013

Fixed in d41e39b (forgot the pound sign in commit msg, oops). Please reopen if that didn't do it - I don't have any good password-friendly gateways to test on right now. Key-only auth for life! ;)

@yupbank

This comment has been minimized.

yupbank commented Jul 31, 2015

hey man, this fails again.

Fabric 1.10.2
Paramiko 1.15.2


my setting is that from local -> proxy -> host
and i need a password for proxy and after proxy the ssh_key from proxy would help to login.
but as my code below, fab first try to connect host directly :(

fabfile.py

from fabric.api import *

env.gateway = 'user_proxy@host_proxy'
env.hosts = ['user@host']

env.passwords = {
    'user_proxy@host_proxy': 'password_proxy',
    'user@host': 'pass'
}

def uptime():
    res = run('cat /proc/uptime')
    print res

run fab uptime

@zjiekai

This comment has been minimized.

zjiekai commented Jan 12, 2016

Hi, @yupbank, @bitprophet

In my case this will fix env.passwords

env.passwords = {
    ('user_proxy@host_proxy',): 'password_proxy',
    ('user@host',): 'pass'
}
@davidazcona

This comment has been minimized.

davidazcona commented Dec 20, 2016

Port seems to be needed after fix d41e39b.

env.passwords = {
'user_proxy@host_proxy:22': 'password_proxy',
'user@host:22': 'pass'
}

That works for me. It wouldn't work without the port. Cheers

@sohamnavadiya

This comment has been minimized.

sohamnavadiya commented Jan 15, 2017

How can I use .pem file instead of password in above case?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment