1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
|
module LeapCli; module Commands
desc 'Log in to the specified node with an interactive shell.'
arg_name 'NAME' #, :optional => false, :multiple => false
command :ssh do |c|
c.flag 'ssh', :desc => "Pass through raw options to ssh (e.g. `--ssh '-F ~/sshconfig'`)."
c.flag 'port', :arg_name => 'SSH_PORT', :desc => 'Override default SSH port used when trying to connect to the server. Same as `--ssh "-p SSH_PORT"`.'
c.action do |global_options,options,args|
exec_ssh(:ssh, options, args)
end
end
desc 'Log in to the specified node with an interactive shell using mosh (requires node to have mosh.enabled set to true).'
arg_name 'NAME'
command :mosh do |c|
c.flag 'ssh', :desc => "Pass through raw options to ssh (e.g. `--ssh '-F ~/sshconfig'`)."
c.flag 'port', :arg_name => 'SSH_PORT', :desc => 'Override default SSH port used when trying to connect to the server. Same as `--ssh "-p SSH_PORT"`.'
c.action do |global_options,options,args|
exec_ssh(:mosh, options, args)
end
end
desc 'Creates an SSH port forward (tunnel) to the node NAME. REMOTE_PORT is the port on the remote node that the tunnel will connect to. LOCAL_PORT is the optional port on your local machine. For example: `leap tunnel couch1:5984`.'
arg_name '[LOCAL_PORT:]NAME:REMOTE_PORT'
command :tunnel do |c|
c.flag 'ssh', :desc => "Pass through raw options to ssh (e.g. --ssh '-F ~/sshconfig')."
c.flag 'port', :arg_name => 'SSH_PORT', :desc => 'Override default SSH port used when trying to connect to the server. Same as `--ssh "-p SSH_PORT"`.'
c.action do |global_options,options,args|
local_port, node, remote_port = parse_tunnel_arg(args.first)
options[:ssh] = [options[:ssh], "-N -L 127.0.0.1:#{local_port}:0.0.0.0:#{remote_port}"].join(' ')
log("Forward port localhost:#{local_port} to #{node.name}:#{remote_port}")
if is_port_available?(local_port)
exec_ssh(:ssh, options, [node.name])
end
end
end
protected
#
# allow for ssh overrides of all commands that use ssh_connect
#
def connect_options(options)
connect_options = {:ssh_options=>{}}
if options[:port]
connect_options[:ssh_options][:port] = options[:port]
end
if options[:ip]
connect_options[:ssh_options][:host_name] = options[:ip]
end
return connect_options
end
def ssh_config_help_message
puts ""
puts "Are 'too many authentication failures' getting you down?"
puts "Then we have the solution for you! Add something like this to your ~/.ssh/config file:"
puts " Host *.#{manager.provider.domain}"
puts " IdentityFile ~/.ssh/id_rsa"
puts " IdentitiesOnly=yes"
puts "(replace `id_rsa` with the actual private key filename that you use for this provider)"
end
require 'socket'
def is_port_available?(port)
TCPServer.open('127.0.0.1', port) {}
true
rescue Errno::EACCES
bail!("You don't have permission to bind to port #{port}.")
rescue Errno::EADDRINUSE
bail!("Local port #{port} is already in use. Specify LOCAL_PORT to pick another.")
rescue Exception => exc
bail!(exc.to_s)
end
private
def exec_ssh(cmd, cli_options, args)
node = get_node_from_args(args, :include_disabled => true)
port = node.ssh.port
options = [
"-o 'HostName=#{node.ip_address}'",
# "-o 'HostKeyAlias=#{node.name}'", << oddly incompatible with ports in known_hosts file, so we must not use this or non-standard ports break.
"-o 'GlobalKnownHostsFile=#{path(:known_hosts)}'",
"-o 'UserKnownHostsFile=/dev/null'"
]
if node.vagrant?
options << "-i #{vagrant_ssh_key_file}" # use the universal vagrant insecure key
options << "-o IdentitiesOnly=yes" # force the use of the insecure vagrant key
options << "-o 'StrictHostKeyChecking=no'" # blindly accept host key and don't save it (since userknownhostsfile is /dev/null)
else
options << "-o 'StrictHostKeyChecking=yes'"
end
if !node.supported_ssh_host_key_algorithms.empty?
options << "-o 'HostKeyAlgorithms=#{node.supported_ssh_host_key_algorithms}'"
end
username = 'root'
if LeapCli.log_level >= 3
options << "-vv"
elsif LeapCli.log_level >= 2
options << "-v"
end
if cli_options[:port]
port = cli_options[:port]
end
if cli_options[:ssh]
options << cli_options[:ssh]
end
ssh = "ssh -l #{username} -p #{port} #{options.join(' ')}"
if cmd == :ssh
command = "#{ssh} #{node.domain.full}"
elsif cmd == :mosh
command = "MOSH_TITLE_NOPREFIX=1 mosh --ssh \"#{ssh}\" #{node.domain.full}"
end
log 2, command
# exec the shell command in a subprocess
pid = fork { exec "#{command}" }
Signal.trap("SIGINT") do
Process.kill("KILL", pid)
Process.wait(pid)
exit(0)
end
# wait for shell to exit so we can grab the exit status
_, status = Process.waitpid2(pid)
if status.exitstatus == 255
ssh_config_help_message
elsif status.exitstatus != 0
exit(status.exitstatus)
end
end
def parse_tunnel_arg(arg)
if arg.count(':') == 1
node_name, remote = arg.split(':')
local = nil
elsif arg.count(':') == 2
local, node_name, remote = arg.split(':')
else
bail!('Argument NAME:REMOTE_PORT required.')
end
node = get_node_from_args([node_name], :include_disabled => true)
remote = remote.to_i
local = local || remote
local = local.to_i
return [local, node, remote]
end
end; end
|
