Backlog #1925: Allow ssh connection using ssh agent - OpenNebula - OpenNebula Development pages

Backlog #1925

Allow ssh connection using ssh agent

Added by Jean-Philippe Garcia Ballester about 8 years ago. Updated over 7 years ago.

Status:

Pending

Start date:

04/17/2013

Priority:

Normal

Due date:

Assignee:

Javi Fontan

% Done:

Category:

Drivers - Auth

Target version:

Description

The current implementation of ssh login always asks the user for the ssh key passphrase, even if there is an ssh agent running.

It would be great if the oneuser login command could use the ssh agent. The attach series of patches adds this, along with some clean-up.

0009-Add-ssh-agent-authentification-options-to-ssh-auth.patch (7.16 KB) Jean-Philippe Garcia Ballester, 04/17/2013 11:06 AM

0010-Fix-obsolete-comment.patch (851 Bytes) Jean-Philippe Garcia Ballester, 04/17/2013 11:06 AM

0011-Remove-useless-assignation.patch (966 Bytes) Jean-Philippe Garcia Ballester, 04/17/2013 11:06 AM

0003-Add-default-path-for-ssh-key.patch (1.14 KB) Jean-Philippe Garcia Ballester, 04/17/2013 11:06 AM

0004-Use-helper-method.patch (1.11 KB) Jean-Philippe Garcia Ballester, 04/17/2013 11:06 AM

0005-Simplify-ssh-keys-memorization-in-ssh-auth.patch (2.62 KB) Jean-Philippe Garcia Ballester, 04/17/2013 11:06 AM

0006-Remove-trailing-whitespaces.patch (698 Bytes) Jean-Philippe Garcia Ballester, 04/17/2013 11:06 AM

0008-Use-signature-instead-of-private-encryption-in-ssh-a.patch (4.13 KB) Jean-Philippe Garcia Ballester, 04/17/2013 11:06 AM

0007-Use-signature-instead-of-private-encryption-in-ssh-a.patch (3.9 KB) Jean-Philippe Garcia Ballester, 04/23/2013 10:05 AM

0008-Add-ssh-agent-authentification-options-to-ssh-auth.patch (7.53 KB) Jean-Philippe Garcia Ballester, 04/23/2013 10:05 AM

History

#1 Updated by Jean-Philippe Garcia Ballester about 8 years ago

File 0007-Use-signature-instead-of-private-encryption-in-ssh-a.patch added
File 0008-Add-ssh-agent-authentification-options-to-ssh-auth.patch added

Patches 0008 and 0009 are not clean. Attached are replacement patches.

#2 Updated by Ruben S. Montero about 8 years ago

Category set to Drivers - Auth
Target version set to Release 4.2

THANKS for your contributions!, it really make sense. I am scheduling this for 4.2.

#3 Updated by Ruben S. Montero about 8 years ago

Priority changed from Normal to Low

#4 Updated by Ruben S. Montero about 8 years ago

Target version deleted (~~Release 4.2~~)

#5 Updated by Ruben S. Montero over 7 years ago

Priority changed from Low to High
Target version set to Release 4.6

#6 Updated by Ruben S. Montero over 7 years ago

Priority changed from High to Normal

#7 Updated by Javi Fontan over 7 years ago

Assignee set to Javi Fontan

#8 Updated by Javi Fontan over 7 years ago

To use SSH Agent the way of generating login tokens must be changed from an encrypted one to a signed one. Signing the token is the proper way to do this but I fear this change will break thing.

From my point of view we can do these two things:

a) Wait for 5.0 todo this change
b) Make the new signing way configurable and use the old encrypted tokes by default.

It also adds a new dependency (net-ssh) but it can be vendorized.

#9 Updated by Ruben S. Montero over 7 years ago

Tracker changed from Feature to Backlog
Status changed from New to Pending
Target version deleted (~~Release 4.6~~)

Also available in: Atom PDF

OpenNebula

Issues

Custom queries