From d1e44b05fc89b3dff83c7c709da2bc344b0e4d4d Mon Sep 17 00:00:00 2001
From: dbeltran
Date: Thu, 16 Mar 2023 16:25:20 +0100
Subject: [PATCH 1/7] tentative change
---
 autosubmit/platforms/paramiko_platform.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/autosubmit/platforms/paramiko_platform.py b/autosubmit/platforms/paramiko_platform.py
index e8327b9ad..fe923361a 100644
--- a/autosubmit/platforms/paramiko_platform.py
+++ b/autosubmit/platforms/paramiko_platform.py
@@ -215,7 +215,7 @@ class ParamikoPlatform(Platform):
 self._host_config['proxycommand'])
 try:
 self._ssh.connect(self._host_config['hostname'], port, username=self.user,
- key_filename=self._host_config_id, sock=self._proxy, timeout=120 , banner_timeout=120)
+ key_filename=self._host_config_id, sock=self._proxy, timeout=120 , banner_timeout=120,allow_agent=True)
 except Exception as e:
 self._ssh.connect(self._host_config['hostname'], port, username=self.user,
 key_filename=self._host_config_id, sock=self._proxy, timeout=120,
--
GitLab
From 3bc619c6a40420b3bc03708a6e26d970a2fbc4f6 Mon Sep 17 00:00:00 2001
From: dbeltran
Date: Fri, 17 Mar 2023 09:55:40 +0100
Subject: [PATCH 2/7] Tentative change (II)
---
 autosubmit/platforms/paramiko_platform.py | 79 ++++++++++++++---------
 1 file changed, 50 insertions(+), 29 deletions(-)
diff --git a/autosubmit/platforms/paramiko_platform.py b/autosubmit/platforms/paramiko_platform.py
index fe923361a..cc74e399b 100644
--- a/autosubmit/platforms/paramiko_platform.py
+++ b/autosubmit/platforms/paramiko_platform.py
@@ -1,4 +1,6 @@
 import locale
+from binascii import hexlify
+from contextlib import suppress
 from time import sleep
 import sys
 import socket
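Review bot: In [PATCH 1/7], `allow_agent=True` on the first proxied `connect` is already the default of paramiko's `SSHClient.connect`, so the added keyword does not change which credentials are offered; with `key_filename` set, paramiko still tries that file before any agent key. If the aim is to let an agent key be used first, the call needs an attempt without `key_filename`; otherwise a comment such as `# agent keys are tried after key_filename (paramiko default)` states the intent without implying a behaviour change. The retry in the `except` branch is left without the keyword, and the enclosing `connect` method starts and ends outside this hunk.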
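Review bot: In [PATCH 2/7], the two imports added at the top of the file are not used by live code in the hunks shown: `hexlify` appears only inside the commented-out agent loop and `suppress` is not referenced at all. [PATCH 5/7] later deletes that commented block, but no hunk in the series removes the imports. Unless another part of the file uses them, drop both lines so the import block reflects what the module needs.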
@@ -177,7 +179,30 @@ class ParamikoPlatform(Platform):
 raise AutosubmitCritical(
 'Cant connect to this platform due an unknown error', 7050, str(e))
 
-
+ def agent_auth(self,port):
+ """
+ Attempt to authenticate to the given transport using any of the private
+ keys available from an SSH agent.
+ """
+ try:
+ self._ssh.connect(self._host_config['hostname'], port, username=self.user, timeout=60, banner_timeout=60)
+ except BaseException as e:
+ Log.warning(f'Failed to authenticate with ssh-agent due to {e}')
+ return False
+ return True
+ # agent = paramiko.Agent()
+ # agent_keys = agent.get_keys()
+ # if len(agent_keys) == 0:
+ # return False
+ # for key in agent_keys:
+ # Log.info('Trying ssh-agent key %s' % hexlify(key.get_fingerprint()))
+ # try:
+ # self._ssh.get_transport().auth_publickey(self.user, key)
+ # Log.info('Sucessfully authenticated with ssh-agent')
+ # return True
+ # except BaseException as e:
+ # Log.warning(f'Failed to authenticate with ssh-agent due to {e}')
+ # return False
 def connect(self, reconnect=False):
 """
 Creates ssh connection to host
@@ -193,7 +218,6 @@ class ParamikoPlatform(Platform):
 self._ssh = paramiko.SSHClient()
 self._ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
 self._ssh_config = paramiko.SSHConfig()
-
 self._user_config_file = os.path.expanduser("~/.ssh/config")
 if os.path.exists(self._user_config_file):
 with open(self._user_config_file) as f:
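Review bot: In `agent_auth` ([PATCH 2/7]), the `connect` call passes no `sock=`, so for a host whose ssh config has `proxycommand` the first attempt goes straight to the hostname rather than through the configured proxy, and the proxied path in `connect` is reached only after this attempt fails or times out. Creating the `ProxyCommand` before calling `agent_auth` and passing `sock=self._proxy` here would keep both attempts on the same route. `except BaseException` also converts `KeyboardInterrupt` and `SystemExit` into a warning followed by a second connection attempt; `except (SSHException, socket.error) as e:` is narrower, and both names appear in the context lines of this patch. The call leaves `look_for_keys` at its default, so key files under `~/.ssh` are tried as well as agent keys, and the client it runs on is configured with `AutoAddPolicy` (context of the next hunk), so none of these attempts checks the host key against a known value.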
@@ -204,36 +228,33 @@ class ParamikoPlatform(Platform):
 self._host_config['hostname'] = random.choice(
 self._host_config['hostname'].split(',')[1:])
 else:
- self._host_config['hostname'] = self._host_config['hostname'].split(',')[
- 0]
+ self._host_config['hostname'] = self._host_config['hostname'].split(',')[0]
 if 'identityfile' in self._host_config:
 self._host_config_id = self._host_config['identityfile']
- #pkey = paramiko.Ed25519Key.from_private_key_file(self._host_config_id[0])
 port = int(self._host_config.get('port',22))
- if 'proxycommand' in self._host_config:
- self._proxy = paramiko.ProxyCommand(
- self._host_config['proxycommand'])
- try:
- self._ssh.connect(self._host_config['hostname'], port, username=self.user,
- key_filename=self._host_config_id, sock=self._proxy, timeout=120 , banner_timeout=120,allow_agent=True)
- except Exception as e:
- self._ssh.connect(self._host_config['hostname'], port, username=self.user,
- key_filename=self._host_config_id, sock=self._proxy, timeout=120,
- banner_timeout=120,disabled_algorithms={'pubkeys': ['rsa-sha2-256', 'rsa-sha2-512']})
- else:
- try:
- self._ssh.connect(self._host_config['hostname'], port, username=self.user,
- key_filename=self._host_config_id, timeout=60 , banner_timeout=60)
- except Exception as e:
- self._ssh.connect(self._host_config['hostname'], port, username=self.user,
- key_filename=self._host_config_id, timeout=60 , banner_timeout=60,disabled_algorithms={'pubkeys': ['rsa-sha2-256', 'rsa-sha2-512']})
- self.transport = self._ssh.get_transport()
- #self.transport = paramiko.Transport((self._host_config['hostname'], 22))
- #self.transport.connect(username=self.user)
- window_size = pow(4, 12) # about ~16MB chunks
- max_packet_size = pow(4, 12)
- #self._ftpChannel = self._ssh.open_sftp()
- self._ftpChannel = paramiko.SFTPClient.from_transport(self.transport,window_size=window_size,max_packet_size=max_packet_size)
+ # Agent Auth
+ if not self.agent_auth(port):
+ # Public Key Auth
+ if 'proxycommand' in self._host_config:
+ self._proxy = paramiko.ProxyCommand(self._host_config['proxycommand'])
+ try:
+ self._ssh.connect(self._host_config['hostname'], port, username=self.user,
+ key_filename=self._host_config_id, sock=self._proxy, timeout=60 , banner_timeout=60)
+ except Exception as e:
+ self._ssh.connect(self._host_config['hostname'], port, username=self.user,
+ key_filename=self._host_config_id, sock=self._proxy, timeout=60,
+ banner_timeout=60,disabled_algorithms={'pubkeys': ['rsa-sha2-256', 'rsa-sha2-512']})
+ else:
+ try:
+ self._ssh.connect(self._host_config['hostname'], port, username=self.user,
+ key_filename=self._host_config_id, timeout=60 , banner_timeout=60)
+ except Exception as e:
+ self._ssh.connect(self._host_config['hostname'], port, username=self.user,
+ key_filename=self._host_config_id, timeout=60 , banner_timeout=60,disabled_algorithms={'pubkeys': ['rsa-sha2-256', 'rsa-sha2-512']})
+ self.transport = self._ssh.get_transport()
+ self.transport.banner_timeout(60)
+
+ self._ftpChannel = paramiko.SFTPClient.from_transport(self.transport,window_size=pow(4, 12) ,max_packet_size=pow(4, 12) )
 self._ftpChannel.get_channel().settimeout(120)
 self.connected = True
 except SSHException as e:
--
GitLab
From 305166156381394f932164c78f3f0de3fae7515c Mon Sep 17 00:00:00 2001
From: dbeltran
Date: Fri, 17 Mar 2023 09:58:16 +0100
Subject: [PATCH 3/7] Tentative change (II)
---
 autosubmit/platforms/paramiko_platform.py | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/autosubmit/platforms/paramiko_platform.py b/autosubmit/platforms/paramiko_platform.py
index cc74e399b..ac62e75e3 100644
--- a/autosubmit/platforms/paramiko_platform.py
+++ b/autosubmit/platforms/paramiko_platform.py
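Review bot: In [PATCH 2/7], both retry branches of the rewritten key-file block run on any `Exception` and pass `disabled_algorithms={'pubkeys': ['rsa-sha2-256', 'rsa-sha2-512']}`, which leaves SHA-1 `ssh-rsa` as the only RSA signature algorithm the client will use. A DNS error, a timeout or a refused connection therefore triggers a second attempt with weaker signing, and the first error is discarded because `e` is never logged. Restricting the retry to the failure it is presumably meant for, e.g. `except paramiko.AuthenticationException as e:`, and calling `Log.warning(...)` before retrying would make the downgrade both narrower and visible. The `connect` method starts and ends outside this hunk.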
@@ -186,6 +186,8 @@ class ParamikoPlatform(Platform):
 """
 try:
 self._ssh.connect(self._host_config['hostname'], port, username=self.user, timeout=60, banner_timeout=60)
+ self.transport = self._ssh.get_transport()
+ self.transport.banner_timeout(60)
 except BaseException as e:
 Log.warning(f'Failed to authenticate with ssh-agent due to {e}')
 return False
--
GitLab
From cc4905b0f0c3d3b65cc6abb6a9c7e13ccb4bed83 Mon Sep 17 00:00:00 2001
From: dbeltran
Date: Fri, 17 Mar 2023 10:07:45 +0100
Subject: [PATCH 4/7] Tentative change (IV)
---
 autosubmit/platforms/paramiko_platform.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/autosubmit/platforms/paramiko_platform.py b/autosubmit/platforms/paramiko_platform.py
index ac62e75e3..f0206c2b7 100644
--- a/autosubmit/platforms/paramiko_platform.py
+++ b/autosubmit/platforms/paramiko_platform.py
@@ -185,12 +185,13 @@ class ParamikoPlatform(Platform):
 keys available from an SSH agent.
 """
 try:
- self._ssh.connect(self._host_config['hostname'], port, username=self.user, timeout=60, banner_timeout=60)
+ self._ssh.connect(self._host_config['hostname'], port=port, username=self.user, timeout=60, banner_timeout=60)
 self.transport = self._ssh.get_transport()
- self.transport.banner_timeout(60)
+ self.transport.banner_timeout = 60
 except BaseException as e:
 Log.warning(f'Failed to authenticate with ssh-agent due to {e}')
 return False
+
 return True
 # agent = paramiko.Agent()
 # agent_keys = agent.get_keys()
@@ -254,7 +255,7 @@ class ParamikoPlatform(Platform):
 self._ssh.connect(self._host_config['hostname'], port, username=self.user,
 key_filename=self._host_config_id, timeout=60 , banner_timeout=60,disabled_algorithms={'pubkeys': ['rsa-sha2-256', 'rsa-sha2-512']})
 self.transport = self._ssh.get_transport()
- self.transport.banner_timeout(60)
+ self.transport.banner_timeout = 60
 
 self._ftpChannel = paramiko.SFTPClient.from_transport(self.transport,window_size=pow(4, 12) ,max_packet_size=pow(4, 12) )
 self._ftpChannel.get_channel().settimeout(120)
--
GitLab
From 7a75ee8b5fe901527cd7707a0e9632323fd8d84a Mon Sep 17 00:00:00 2001
From: dbeltran
Date: Fri, 17 Mar 2023 10:34:39 +0100
Subject: [PATCH 5/7] Clean unsed code, added doctring
---
 autosubmit/platforms/paramiko_platform.py | 19 +++----------------
 1 file changed, 3 insertions(+), 16 deletions(-)
diff --git a/autosubmit/platforms/paramiko_platform.py b/autosubmit/platforms/paramiko_platform.py
index f0206c2b7..82957d32f 100644
--- a/autosubmit/platforms/paramiko_platform.py
+++ b/autosubmit/platforms/paramiko_platform.py
@@ -181,8 +181,9 @@ class ParamikoPlatform(Platform):
 
 def agent_auth(self,port):
 """
- Attempt to authenticate to the given transport using any of the private
- keys available from an SSH agent.
+ Attempt to authenticate to the given SSH server using the most common authentication methods available. This will always try to use the SSH agent first, and will fall back to using a password if that fails.
+ :parameter port: port to connect
+ :return: True if authentication was successful, False otherwise
 """
 try:
 self._ssh.connect(self._host_config['hostname'], port=port, username=self.user, timeout=60, banner_timeout=60)
@@ -191,21 +192,7 @@ class ParamikoPlatform(Platform):
 except BaseException as e:
 Log.warning(f'Failed to authenticate with ssh-agent due to {e}')
 return False
 
- return True
- # agent = paramiko.Agent()
- # agent_keys = agent.get_keys()
- # if len(agent_keys) == 0:
- # return False
- # for key in agent_keys:
- # Log.info('Trying ssh-agent key %s' % hexlify(key.get_fingerprint()))
- # try:
- # self._ssh.get_transport().auth_publickey(self.user, key)
- # Log.info('Sucessfully authenticated with ssh-agent')
- # return True
- # except BaseException as e:
- # Log.warning(f'Failed to authenticate with ssh-agent due to {e}')
- # return False
 def connect(self, reconnect=False):
 """
 Creates ssh connection to host
--
GitLab
From 97762f84a27549a41d84beef300de490425fad28 Mon Sep 17 00:00:00 2001
From: dbeltran
Date: Fri, 17 Mar 2023 10:35:05 +0100
Subject: [PATCH 6/7] Clean unsed code, added doctring
---
 autosubmit/platforms/paramiko_platform.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/autosubmit/platforms/paramiko_platform.py b/autosubmit/platforms/paramiko_platform.py
index 82957d32f..82961c42b 100644
--- a/autosubmit/platforms/paramiko_platform.py
+++ b/autosubmit/platforms/paramiko_platform.py
@@ -187,8 +187,6 @@ class ParamikoPlatform(Platform):
 """
 try:
 self._ssh.connect(self._host_config['hostname'], port=port, username=self.user, timeout=60, banner_timeout=60)
- self.transport = self._ssh.get_transport()
- self.transport.banner_timeout = 60
 except BaseException as e:
 Log.warning(f'Failed to authenticate with ssh-agent due to {e}')
 return False
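Review bot: In [PATCH 5/7], the cleanup hunk removes `return True` together with the commented-out block, so `agent_auth` now falls off the end and returns `None` after a successful `connect`. `connect` tests `if not self.agent_auth(port):` (added in [PATCH 2/7]), so the key-file branch would run on every call, including a second `connect` on a client that has just connected, and the docstring's `:return: True if authentication was successful` no longer holds. Keep the line: `return True` after the `try`/`except`, at the method body's indentation. No later hunk on this page restores it.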
@@ -241,8 +239,8 @@ class ParamikoPlatform(Platform):
 except Exception as e:
 self._ssh.connect(self._host_config['hostname'], port, username=self.user,
 key_filename=self._host_config_id, timeout=60 , banner_timeout=60,disabled_algorithms={'pubkeys': ['rsa-sha2-256', 'rsa-sha2-512']})
- self.transport = self._ssh.get_transport()
- self.transport.banner_timeout = 60
+ self.transport = self._ssh.get_transport()
+ self.transport.banner_timeout = 60
 
 self._ftpChannel = paramiko.SFTPClient.from_transport(self.transport,window_size=pow(4, 12) ,max_packet_size=pow(4, 12) )
 self._ftpChannel.get_channel().settimeout(120)
--
GitLab
From e115c8ce89814439b5d1aa623f54d8dd98475f75 Mon Sep 17 00:00:00 2001
From: dbeltran
Date: Fri, 17 Mar 2023 10:36:40 +0100
Subject: [PATCH 7/7] Clean unsed code, added doctring
---
 autosubmit/platforms/paramiko_platform.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/autosubmit/platforms/paramiko_platform.py b/autosubmit/platforms/paramiko_platform.py
index 82961c42b..5cb5d88c7 100644
--- a/autosubmit/platforms/paramiko_platform.py
+++ b/autosubmit/platforms/paramiko_platform.py
@@ -181,7 +181,7 @@ class ParamikoPlatform(Platform):
 
 def agent_auth(self,port):
 """
- Attempt to authenticate to the given SSH server using the most common authentication methods available. This will always try to use the SSH agent first, and will fall back to using a password if that fails.
+ Attempt to authenticate to the given SSH server using the most common authentication methods available. This will always try to use the SSH agent first, and will fall back to using the others methods if that fails.
 :parameter port: port to connect
 :return: True if authentication was successful, False otherwise
 """
--
GitLab
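Review bot: In [PATCH 7/7], the reworded docstring still describes more than `agent_auth` does: the method makes one `SSHClient.connect` call and returns, while the fallback to key-file authentication lives in `connect`. The phrase "the others methods" should read "the other methods". A summary such as `Try to connect with keys from the SSH agent or the default key files; the caller falls back to key_filename authentication when this returns False.` would match the code in the hunks shown.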