New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proxycommand 'none' interpreted as command #415

Closed
richardspiers opened this Issue Oct 6, 2014 · 4 comments

Comments

Projects
None yet
4 participants
@richardspiers

richardspiers commented Oct 6, 2014

With regards to ssh config, the proxycommand is disabled by specifing 'none':

Relevant section taken from ssh_config man pages:

ProxyCommand

Specifies the command to use to connect to the server. The command string extends to the end of the line, and is executed with the user's shell. In the command string, any occurrence of ‘%h’ will be substituted by the host name to connect, ‘%p’ by the port, and ‘%r’ by the remote user name. The command can be basically anything, and should read from its standard input and write to its standard output. It should eventually connect an sshd(8) server running on some machine, or execute sshd -i somewhere. Host key management will be done using the HostName of the host being connected (defaulting to the name typed by the user). Setting the command to “none” disables this option entirely. Note that CheckHostIP is not available for connects with a proxy command.

I have a slightly complicated ssh_config, which has to explicitly disable proxy command for some hosts due to how hostname matching has been implemented.

However, when using fabric and/or paramiko, the "none" option gets interrupted as an actual string value, which results in no fabric commands working as it throws exceptions containing OSError: [Errno 2] No such file or directory

A test script showing the parsing behaviour is below:

#!/usr/bin/python
import paramiko
import StringIO

temp_config = '''
Host 1.1.1.1
    User guestuser
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null
    ProxyCommand none
    '''
fake_config_file = StringIO.StringIO()
fake_config_file.write(temp_config)
fake_config_file.seek(0)

ssh_config = paramiko.SSHConfig()
ssh_config.parse(fake_config_file)

print ssh_config.lookup('1.1.1.1')

Output:
{'stricthostkeychecking': 'no', 'userknownhostsfile': '/dev/null', 'user': 'guestuser', 'hostname': '1.1.1.1', 'proxycommand': 'none'}

This is eventually used in fabric in fabric/network.py:

def get_gateway(host, port, cache, replace=False):
  ...
  proxy_command = ssh_config().get('proxycommand', None)
  ...
  elif proxy_command:
        sock = ssh.ProxyCommand(proxy_command)
    return sock

While this could be fixed by simply checking for 'none' in fabric, I've opened an issue here against paramiko as I believe it makes more sense to fix it at this level. Please feel free to disagree and I'll report it against fabric instead if desired.

@lndbrg

This comment has been minimized.

Contributor

lndbrg commented Oct 6, 2014

Nope, seems logical to check for the existence of none in paramiko and make sure that it gets disabled/removed.

@bitprophet

This comment has been minimized.

Member

bitprophet commented Oct 7, 2014

Yea this seems like a straightforward incomplete implementation. Thanks for the report! Labeling n such for followup.

@seanson

This comment has been minimized.

seanson commented Nov 11, 2014

I've added a pull request for a possible solution, please feel free to provide any feedback.

bitprophet added a commit that referenced this issue Dec 17, 2014

@bitprophet

This comment has been minimized.

Member

bitprophet commented Dec 17, 2014

Merged #433, this should be good now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment