abra app secret generate tries to look up SSH host keys for an unrelated server #242

New Issue

Closed

opened 2021-11-09 12:41:16 +00:00 by 3wordchant · 4 comments

3wordchant commented 2021-11-09 12:41:16 +00:00

Owner

Copy Link

Steps to reproduce

abra app new minio
# choose server demo.coopcloud.tech, accept defaults for others
abra app secret generate --all --pass minio_demo_coopcloud_tech

Describe the expected behavior

Secrets generated, and stored on demo.coopcloud.tech

Describe the current behavior

➜ abra app secret generate --all --pass minio_demo_coopcloud_tech

You are attempting to make an SSH connection to a server but there is no entry
in your ~/.ssh/known_hosts file which confirms that this is indeed the server
you want to connect to. Please take a moment to validate the following SSH host
key, it is important.

    Host:        centreforthestudyof.net
    Fingerprint: SHA256:vO418MfU0mq0fyrKGawGmQ9Jy6ABGkqn8Zw3cLixxUs

I indeed do not have centreforthestudyof.net in ~/.ssh/authorized_keys, but I do have demo.coopcloud.tech.

Any idea how this might be fixed?

Maybe it's scanning all servers instead of just the one it needs to access for the app secret generate command?

Additional information

abra version dev-9fa2cae

## Steps to reproduce ``` abra app new minio # choose server demo.coopcloud.tech, accept defaults for others abra app secret generate --all --pass minio_demo_coopcloud_tech ``` ## Describe the expected behavior Secrets generated, and stored on demo.coopcloud.tech ## Describe the current behavior ``` ➜ abra app secret generate --all --pass minio_demo_coopcloud_tech You are attempting to make an SSH connection to a server but there is no entry in your ~/.ssh/known_hosts file which confirms that this is indeed the server you want to connect to. Please take a moment to validate the following SSH host key, it is important. Host: centreforthestudyof.net Fingerprint: SHA256:vO418MfU0mq0fyrKGawGmQ9Jy6ABGkqn8Zw3cLixxUs ``` I indeed do not have `centreforthestudyof.net` in `~/.ssh/authorized_keys`, but I do have `demo.coopcloud.tech`. ## Any idea how this might be fixed? Maybe it's scanning all servers instead of just the one it needs to access for the `app secret generate` command? ## Additional information <!-- run "abra -v" on the command-line --> `abra version dev-9fa2cae`

3wordchant added the

bug

abra

labels 2021-11-09 12:41:16 +00:00

3wordchant commented 2021-11-09 12:42:44 +00:00

Author

Owner

Copy Link

Related: if I accept the host key, the command then fails on another server:

DEBU[0005] no hostname found in SSH config, assuming mutualnudes.net  caller="/home/f/Projects/Autonomic/CoopCloud/abra/pkg/ssh/ssh.go:519 GetHostConfig"
DEBU[0005] constructed SSH config {mutualnudes.net  22 f} for mutualnudes.net  caller="/home/f/Projects/Autonomic/CoopCloud/abra/pkg/ssh/ssh.go:550 GetHostConfig"
FATA[0010] dial tcp 35.185.44.232:22: i/o timeout        caller="/home/f/Projects/Autonomic/CoopCloud/abra/cli/internal/validate.go:94 ValidateApp" stack="/home/f/Projects/Autonomic/CoopCloud/abra/cli/internal/validate.go:94 ValidateApp\n/home/f/Projects/Autonomic/CoopCloud/abra/cli/app/secret.go:36        glob..func26\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/command.go:163    (*Command).Run\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/app.go:434        (*App).RunAsSubcommand\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/command.go:278    (*Command).startApp\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/command.go:94     (*Command).Run\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/app.go:434        (*App).RunAsSubcommand\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/command.go:278    (*Command).startApp\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/command.go:94     (*Command).Run\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/app.go:313        (*App).RunContext\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/app.go:224        RunApp\n/home/f/Projects/Autonomic/CoopCloud/abra/cli/cli.go:119              RunApp\n/home/f/Projects/Autonomic/CoopCloud/abra/cmd/abra/main.go:23         main\n/usr/lib/golang/src/runtime/proc.go:225                               main\n/usr/lib/golang/src/runtime/asm_amd64.s:1371                          goexit"

Related: if I accept the host key, the command then fails on another server: ``` DEBU[0005] no hostname found in SSH config, assuming mutualnudes.net caller="/home/f/Projects/Autonomic/CoopCloud/abra/pkg/ssh/ssh.go:519 GetHostConfig" DEBU[0005] constructed SSH config {mutualnudes.net 22 f} for mutualnudes.net caller="/home/f/Projects/Autonomic/CoopCloud/abra/pkg/ssh/ssh.go:550 GetHostConfig" FATA[0010] dial tcp 35.185.44.232:22: i/o timeout caller="/home/f/Projects/Autonomic/CoopCloud/abra/cli/internal/validate.go:94 ValidateApp" stack="/home/f/Projects/Autonomic/CoopCloud/abra/cli/internal/validate.go:94 ValidateApp\n/home/f/Projects/Autonomic/CoopCloud/abra/cli/app/secret.go:36 glob..func26\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/command.go:163 (*Command).Run\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/app.go:434 (*App).RunAsSubcommand\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/command.go:278 (*Command).startApp\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/command.go:94 (*Command).Run\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/app.go:434 (*App).RunAsSubcommand\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/command.go:278 (*Command).startApp\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/command.go:94 (*Command).Run\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/app.go:313 (*App).RunContext\n/home/f/.go/pkg/mod/github.com/urfave/cli/v2@v2.3.0/app.go:224 RunApp\n/home/f/Projects/Autonomic/CoopCloud/abra/cli/cli.go:119 RunApp\n/home/f/Projects/Autonomic/CoopCloud/abra/cmd/abra/main.go:23 main\n/usr/lib/golang/src/runtime/proc.go:225 main\n/usr/lib/golang/src/runtime/asm_amd64.s:1371 goexit" ```

decentral1se commented 2021-11-09 16:25:55 +00:00

Owner

Copy Link

Hmm right yep, I see the place I've hooked in for host checking is not working for here and other commands. I'm gonna work it into each command where appropriate, seems to be a few cases to be handled. Fix coming shortly.

Hmm right yep, I see the place I've hooked in for host checking is not working for here and other commands. I'm gonna work it into each command where appropriate, seems to be a few cases to be handled. Fix coming shortly.

decentral1se referenced this issue from a commit 2021-11-09 16:46:46 +00:00

fix: only check host keys on requested hosts

decentral1se commented 2021-11-09 16:47:04 +00:00

Owner

Copy Link

@3wordchant if you could test 6f26b51f3e that'd be great!

@3wordchant if you could test https://git.coopcloud.tech/coop-cloud/abra/commit/6f26b51f3e46b17c235da2df4eadaae90aefbc73 that'd be great!

decentral1se added the

awaiting-feedback

label 2021-11-13 22:17:37 +00:00

3wordchant commented 2021-11-20 13:12:41 +00:00

Author

Owner

Copy Link

Yeah that's working fine now, nice one! 🎊

Yeah that's working fine now, nice one! 🎊

decentral1se closed this issue 2021-11-20 14:37:09 +00:00

decentral1se removed the

awaiting-feedback

label 2021-11-20 14:37:16 +00:00

3wordchant referenced this issue 2021-11-24 21:17:30 +00:00

`abra app rm` causes SSH connections to other servers #266

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

Labels

Clear labels   

abra

Everything to do with abra

  

abra-gandi

Abra Gandi plugin

  

awaiting-feedback

Ping/pong on comms

  

backups

  

bug

Something is not working

  

build

Go build related issues

  

ci/cd

Getting the robots into the mix

  

community organising

Opening this thing up

  

contributing

Contributors stuff

  

coopcloud.tech

Our main website

  

democracy

Democratic decision making

  

design

Design thinking required

  

documentation

Let's write things together

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

finance

Money things

  

funding

Anything related to grant funding

  

good first issue

Easy start with development

  

help wanted

Need some help

  

installer

Installation related issues

  

kadabra

  

performance

Performance related

  

proposal

Large change which requires feedback & decisin making

  

question

More information is needed

  

recipes.coopcloud.tech

Our recipes catalogue

  

security

Securing our shit

  

test

Unit or integration test suite

  

wontfix

This won't be fixed

No Label

abra

abra-gandi

awaiting-feedback

backups

bug

build

ci/cd

community organising

contributing

coopcloud.tech

democracy

design

documentation

duplicate

enhancement

finance

funding

good first issue

help wanted

installer

kadabra

performance

proposal

question

recipes.coopcloud.tech

security

test

wontfix

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

2 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coop-cloud/organising#242

No description provided.