Proxycommand 'none' interpreted as command

[richardspiers]

With regards to ssh config, the proxycommand is disabled by specifing 'none':

Relevant section taken from ssh_config man pages:

ProxyCommand

Specifies the command to use to connect to the server. The command string extends to the end of the line, and is executed with the user's shell. In the command string, any occurrence of ‘%h’ will be substituted by the host name to connect, ‘%p’ by the port, and ‘%r’ by the remote user name. The command can be basically anything, and should read from its standard input and write to its standard output. It should eventually connect an sshd(8) server running on some machine, or execute sshd -i somewhere. Host key management will be done using the HostName of the host being connected (defaulting to the name typed by the user). Setting the command to “none” disables this option entirely. Note that CheckHostIP is not available for connects with a proxy command.

I have a slightly complicated ssh_config, which has to explicitly disable proxy command for some hosts due to how hostname matching has been implemented.

However, when using fabric and/or paramiko, the "none" option gets interrupted as an actual string value, which results in no fabric commands working as it throws exceptions containing OSError: [Errno 2] No such file or directory

A test script showing the parsing behaviour is below:

#!/usr/bin/python
import paramiko
import StringIO

temp_config = '''
Host 1.1.1.1
    User guestuser
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null
    ProxyCommand none
    '''
fake_config_file = StringIO.StringIO()
fake_config_file.write(temp_config)
fake_config_file.seek(0)

ssh_config = paramiko.SSHConfig()
ssh_config.parse(fake_config_file)

print ssh_config.lookup('1.1.1.1')

Output:
{'stricthostkeychecking': 'no', 'userknownhostsfile': '/dev/null', 'user': 'guestuser', 'hostname': '1.1.1.1', 'proxycommand': 'none'}

This is eventually used in fabric in fabric/network.py:

def get_gateway(host, port, cache, replace=False):
  ...
  proxy_command = ssh_config().get('proxycommand', None)
  ...
  elif proxy_command:
        sock = ssh.ProxyCommand(proxy_command)
    return sock

While this could be fixed by simply checking for 'none' in fabric, I've opened an issue here against paramiko as I believe it makes more sense to fix it at this level. Please feel free to disagree and I'll report it against fabric instead if desired.

[lndbrg]

Nope, seems logical to check for the existence of none in paramiko and make sure that it gets disabled/removed.

[bitprophet]

Yea this seems like a straightforward incomplete implementation. Thanks for the report! Labeling n such for followup.

[seanson]

I've added a pull request for a possible solution, please feel free to provide any feedback.

[bitprophet]

Merged #433, this should be good now.