scp: simplify SSH connection settings
The `allow_agent` setting was used with NC but not with SCP. Store it in
the device and reuse it for SCP.

The private key was stored in a dictionary, but this is not needed as
Paramiko's `connect()` would default to `None` when not provided.

Grab the SSH key filename from SSH configuration as Paramiko won't do it
for us. For this reason, this commit is a followup to the one in Juniper#648.
vincentbernat committed Jan 13, 2017
1 parent 51a68d1 commit a3686e6
Showing 2 changed files with 19 additions and 23 deletions.
17 changes: 8 additions & 9 deletions lib/jnpr/junos/device.py
Expand Up @@ -819,6 +819,7 @@ def __init__(self, *vargs, **kvargs):
self._hostname = 'localhost'
self._ssh_private_key_file = None
self._ssh_config = None
self._allow_agent = False
else:
# --------------------------
# making a remote connection
Expand All @@ -838,6 +839,12 @@ def __init__(self, *vargs, **kvargs):
self._ssh_private_key_file = kvargs.get('ssh_private_key_file')
self._auth_password = kvargs.get(
'password') or kvargs.get('passwd')
# we want to enable the ssh-agent if-and-only-if we are
# not given a password or an ssh key file.
# in this condition it means we want to query the agent
# for available ssh keys
self._allow_agent = bool((self._auth_password is None) and
(self._ssh_private_key_file is None))

# -----------------------------
# initialize instance variables
Expand Down Expand Up @@ -904,14 +911,6 @@ def open(self, *vargs, **kvargs):
try:
ts_start = datetime.datetime.now()

# we want to enable the ssh-agent if-and-only-if we are
# not given a password or an ssh key file.
# in this condition it means we want to query the agent
# for available ssh keys

allow_agent = bool((self._auth_password is None) and
(self._ssh_private_key_file is None))

# open connection using ncclient transport
self._conn = netconf_ssh.connect(
host=self._hostname,
Expand All @@ -920,7 +919,7 @@ def open(self, *vargs, **kvargs):
password=self._auth_password,
hostkey_verify=False,
key_filename=self._ssh_private_key_file,
allow_agent=allow_agent,
allow_agent=self._allow_agent,
ssh_config=self._sshconf_lkup(),
device_params={'name': 'junos', 'local': False})
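Review bot: `self._allow_agent` is now derived once in `__init__` (second hunk), whereas the removed lines in `open()` derived it at connect time, so it can go stale if `_auth_password` or `_ssh_private_key_file` is assigned after construction; whether any code path does that is not visible in these hunks. In that case the agent would remain enabled even though a password or key file is now in effect. Either compute it in a small helper that both `open()` and the SCP code call, or document the snapshot where it is set, e.g. `# computed once at construction; later changes to the password or key file do not update it`. Both `__init__` and `open()` start and end outside the hunks shown. Unrelated to this change but visible in the same call: `hostkey_verify=False` remains, so the server's host key is not checked on the NETCONF session.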

25 changes: 11 additions & 14 deletions lib/jnpr/junos/utils/scp.py
Expand Up @@ -88,29 +88,26 @@ def open(self, **scpargs):
# use junos._hostname since this will be correct if we are going
# through a jumphost.

config = {}
kwargs = {}
ssh_config = getattr(junos, '_sshconf_path')
# Retrieve ProxyCommand and IdentityFile
sock = None
key_file = junos._ssh_private_key_file
ssh_config = junos._sshconf_path
if ssh_config:
config = paramiko.SSHConfig()
config.parse(open(ssh_config))
config = config.lookup(junos._hostname)
sock = None
if config.get("proxycommand"):
sock = paramiko.proxy.ProxyCommand(config.get("proxycommand"))

if self._junos._ssh_private_key_file is not None:
kwargs['key_filename']=self._junos._ssh_private_key_file
if config.get("proxycommand"):
sock = paramiko.proxy.ProxyCommand(config.get("proxycommand"))
key_file = key_file or config.get("identityfile")

self._ssh.connect(hostname=junos._hostname,
port=(
22, int(
junos._port))[
port=(22, int(junos._port))[
junos._hostname == 'localhost'],
username=junos._auth_user,
password=junos._auth_password,
sock=sock, **kwargs
)
key_filename=key_file,
allow_agent=junos._allow_agent,
sock=sock)
return SCPClient(self._ssh.get_transport(), **scpargs)

def close(self):
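Review bot: `config.parse(open(ssh_config))` never closes the file object it opens; the line is carried into the new code and could become `with open(ssh_config) as fp: config.parse(fp)` now that the config is also read for `IdentityFile`. Values from that file now decide both the private key offered (`key_file = key_file or config.get("identityfile")`) and the local command run through `paramiko.proxy.ProxyCommand`, so a short comment stating that the file at `junos._sshconf_path` is treated as trusted input would help the next reader. The port expression `(22, int(junos._port))[junos._hostname == 'localhost']` indexes a tuple with a boolean; `int(junos._port) if junos._hostname == 'localhost' else 22` says the same thing more readably. `open()` begins before this hunk.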