Netapi SSH client don't support ssh_user and ssh_passwd arguments

[pengyao]

salt-ssh should appoint username and password for ssh connection if not set ssh_user and ssh_passwd in roster. like this:

salt-ssh --user='root' --passwd='root_pass' '*' test.ping

In Python API, we can do it like this:

from salt.client.ssh.client import SSHClient
client = SSHClient()
client.cmd(tgt='*', fun='test.ping', salt_user='root', salt_passwd='root_pass')

But in netapi, have no way to appoint the ssh_user and ssh_passwd

[whiteinge]

I think this should be transparently passed through. What syntax have you tried so far?

You can try this (example is in JSON so set the content-type header in your request to application/json):

[{"tgt": "*", "salt_password": "pass", "salt_user": "root", "fun": "test.ping", "client": "cloud"}]

[pengyao]

I have try this:

curl http://localhost:8000/run -H 'Content-Type: application/json' -d '[{"client": "ssh", "tgt": "*", "fun": "test.ping", "ssh_user": "root", "ssh_passwd": "root_pass"}]'

Result:

{"return": [{"minion-01.example.com": {"retcode": 255, "stderr": "Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "stdout": ""}}]}

In https://github.com/saltstack/salt/blob/v2015.5.1/salt/client/ssh/client.py#L112:

        return self.cmd(low['tgt'],
                        low['fun'],
                        low.get('arg', []),
                        low.get('timeout'),
                        low.get('expr_form'),
                        low.get('kwarg'))

cmd_async don't pass salt_user and salt_passwd parameter values to cmd function, so it isn't effect

[whiteinge]

Great catch! Thanks for pointing that out.

[whiteinge]

@pengyao quick fix in the above pull req. I won't have time to test this before tomorrow or so. If you're able to test it before then please let us know how it goes.

[pengyao]

@whiteinge It don't work, because salt_user and salt_passwd arguments in low , not kwargs

[whiteinge]

Doh. Right you are. Thanks for submitting a fix!

[double-yaya]

I try this:

curl http://localhost:8000/run -H 'Content-Type: application/json' -d '[{"client": "ssh", "tgt": "*", "fun": "test.ping", "ssh_user": "root", "ssh_passwd": "root_pass"}]'

result:

{"return": [{"minion2": {"retcode": 255, "stderr": "Permission denied, please try again.\r\nPermission denied, please try again.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n", "stdout": "root@minion2's password: \nroot@minion2's password: \nroot@minion2's password: \n"}}]}

version report

           Salt: 2015.5.3
         Python: 2.6.6 (r266:84292, May  1 2012, 13:52:17)
         Jinja2: unknown
       M2Crypto: 0.20.2
 msgpack-python: 0.1.13
   msgpack-pure: Not Installed
       pycrypto: 2.0.1
        libnacl: Not Installed
         PyYAML: 3.10
          ioflo: Not Installed
          PyZMQ: 2.2.0.1
           RAET: Not Installed
            ZMQ: 3.2.4
           Mako: Not Installed
        Tornado: Not Installed 

[double-yaya]

In 2014.1.4 version I can specify the target machine execute commands, the target machine not written in the roster file
command like this：

salt-ssh 'ip' test.ping --passwd rootpassword
ip:
    True 

But in 2015.5.3 version failed

result:

No hosts found with target ip of type glob 

So.....In 2015.5.3 version,the target machine must be written in a roster file?

[basepi]

Interesting, I didn't know that it ever worked to just use the IP address of the host without specifying a roster. I think 2015.5 requires a roster file, but it should also be fairly straightforward to allow raw ip addresses in the command without a roster file. Would you please open a new issue?

[double-yaya]

issue #26689