From ed1205a74c868f2083afc23aa3c8d0edc165c8ea Mon Sep 17 00:00:00 2001 From: Rohin Bhasin Date: Wed, 22 May 2024 16:32:49 -0400 Subject: [PATCH] Don't pass basic auth to password cluster HTTP calls. (#823) When we pass basic auth, this gets used as the `Authorization` header. We don't actually need this for anything... the `ssh_user` and `password` should only be needed to create the `ssh_tunnel`, so let's just not send this at all. --- runhouse/resources/hardware/cluster.py | 5 ----- 1 file changed, 5 deletions(-) diff --git a/runhouse/resources/hardware/cluster.py b/runhouse/resources/hardware/cluster.py index c152cb0b0..7a2d37bde 100644 --- a/runhouse/resources/hardware/cluster.py +++ b/runhouse/resources/hardware/cluster.py @@ -596,17 +596,12 @@ def connect_server_client(self, force_reconnect=False): ) self.client_port = self._rpc_tunnel.local_bind_port - ssh_user = self.creds_values.get("ssh_user") - password = self.creds_values.get("password") - auth = (ssh_user, password) if ssh_user and password else None - # Connecting to localhost because it's tunneled into the server at the specified port. # As long as the tunnel was initialized, # self.client_port has been set to the correct port self.client = HTTPClient( host=LOCALHOST, port=self.client_port, - auth=auth, resource_address=self.rns_address, system=self, )