bastillion-io / Bastillion

Bastillion is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys.
https://www.bastillion.io

Import of SSH systems and users #190

Open AlphaJosh opened 7 years ago

AlphaJosh commented 7 years ago

I would like to import many systems and users across multiple devices with KeyBox.

Is there any method to achieve this please?

skavanagh commented 7 years ago

You can download the h2 client http://www.h2database.com/html/main.html, connect to the DB and insert into the system and user table.

skavanagh commented 7 years ago

Here is an example on how to connect and run a script: http://stackoverflow.com/a/10679673

ghost-pep commented 6 years ago

How do I connect with the AES encryption? I have the keybox user specified and added ;CIPHER=AES to my connection string. I am using the database password as well. Do I need to specify the AES encrypted password? If so, how would I do this? @skavanagh I am getting an error with corrupted headers for the database file. I know this is not the case because I can stop and restart the service on my machine without having any data loss or errors from keybox itself.

skavanagh commented 6 years ago

Like this - http://www.h2database.com/html/features.html#file_encryption

You use the normal password (not the encrypted one). I think you may have to put 'filepwd ' and then the password. Just like the example in the link above.

sxa commented 4 years ago

[EDIT: User error - after I got past the authentication/connection issues I had switched back to a different user which didn't have access to the database file I was accessing, but I'm leaving this here just to help anyone else since it includes the full connection command that others may find useful]

@skavanagh I'm struggling to be able to write to the database. I've got a connection, and have specified the option that should allow it to give me write access ... The DB file is mode 664 so the underlying file is writable. Any idea what I might be missing?

java -cp ~/Bastillion-jetty/jetty/bastillion/WEB-INF/lib/h2-1.4.199.jar org.h2.tools.Shell -driver org.h2.Driver -url 'jdbc:h2:/home/bastillion/Bastillion-jetty/jetty/bastillion/WEB-INF/classes/keydb/x/bastillion;ACCESS_MODE_DATA=rws;CIPHER=AES' -user bastillion -password "filepwd MYDBPASSWORD"

But every time I try to insert/update I get a message telling me the database is read-only:

Welcome to H2 Shell 1.4.199 (2019-03-13)
Exit with Ctrl+C
Commands are case insensitive; SQL statements end with ';'
help or ?      Display this help
list           Toggle result list / stack trace mode
maxwidth       Set maximum column width (default is 100)
autocommit     Enable or disable autocommit
history        Show the last 20 statements
quit or exit   Close the connection and exit

sql> insert into system values (default, 'mymachine', 'root', '1.2.3.4', 22, '~/.ssh/authorized_keys', 'SUCCESS');
Error: org.h2.jdbc.JdbcSQLNonTransientException: The database is read only; SQL statement:
insert into system values (default, 'mymachine', 'root', '1.2.3.4', 22, '~/.ssh/authorized_keys', 'SUCCESS') [90097-199]

I'm sure I'm missing something obvious, but I can't see what it might be. Any advice?

goldman7911 commented 4 years ago

@sxa thanks for your command

I could connect using this

java -cp ~/Bastillion-jetty/jetty/bastillion/WEB-INF/lib/h2-1.4.200.jar org.h2.tools.Shell -driver org.h2.Driver -url 'jdbc:h2:/home/XXXXX/Bastillion-jetty/jetty/bastillion/WEB-INF/classes/keydb/bastillion;CIPHER=AES;' -user bastillion -password "filepwd xxxxx"

And successfully insert with this:

sql> INSERT INTO SYSTEM (DISPLAY_NM, USER, HOST, PORT, AUTHORIZED_KEYS)
...> VALUES('XXXXX', 'XXXX', 'XXXXX', '22', '~/.ssh/XXXXX_keys');
(Update count: 1, 9 ms)
sql>
sql>
sql> select * from SYSTEM;
ID | DISPLAY_NM | USER | HOST       | PORT | AUTHORIZED_KEYS     | STATUS_CD
(...)
11 | XXXXX | XXXX| XXXX| 22   | ~/.ssh/XXXX_keys | INITIAL
(7 rows, 21 ms)

But it needs to stop the currently running server.

@skavanagh is there a way to insert a host with the current password? We are deploying about ~500 servers using bastillion, and if not, it will be about 500 times putting the pass versus each user.
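
For the bulk import asked about at the top of this thread, an added example (not part of any comment here and not Bastillion's own code) that turns a host inventory into INSERT statements for the SYSTEM table, using the column list from the INSERT above and leaving STATUS_CD to its default. The CSV layout, the validation rules and the function names are assumptions; the output is meant to be pasted into or run from the H2 shell session shown above.

```python
import csv
import io
import re

# Column list copied from the INSERT that worked in the thread above.
COLUMNS = "DISPLAY_NM, USER, HOST, PORT, AUTHORIZED_KEYS"
# Assumed validation rules: hostnames and IPv4 literals only.
HOST_RE = re.compile(r"[A-Za-z0-9]([A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")
USER_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")
PATH_RE = re.compile(r"[A-Za-z0-9_./~-]+")

# Constructed sample input: display name, user, host, port, authorized_keys path.
SAMPLE_CSV = """\
web-01,root,192.0.2.10,22,~/.ssh/authorized_keys
O'Brien lab,deploy,db01.example.internal,2222,~/.ssh/authorized_keys
db02,root,"db02'; --",22,~/.ssh/authorized_keys
db03,root,192.0.2.11,70000,~/.ssh/authorized_keys
"""


def sql_quote(value):
    """Render a string as a SQL literal, doubling embedded single quotes."""
    return "'" + value.replace("'", "''") + "'"


def build_inserts(csv_text):
    """Return (statements, rejected_row_numbers) for the CSV rows."""
    statements, rejected = [], []
    for rowno, row in enumerate(csv.reader(io.StringIO(csv_text)), start=1):
        row = [field.strip() for field in row]
        ok = (len(row) == 5 and row[0] != "" and USER_RE.fullmatch(row[1])
              and HOST_RE.fullmatch(row[2]) and re.fullmatch(r"[0-9]{1,5}", row[3])
              and 1 <= int(row[3]) <= 65535
              and PATH_RE.fullmatch(row[4]) and ".." not in row[4])
        if not ok:
            rejected.append(rowno)  # never emit SQL for a row that fails checks
            continue
        name, user, host, port, keys = row
        statements.append(
            f"INSERT INTO SYSTEM ({COLUMNS}) VALUES ({sql_quote(name)}, "
            f"{sql_quote(user)}, {sql_quote(host)}, {int(port)}, {sql_quote(keys)});")
    return statements, rejected


if __name__ == "__main__":
    stmts, bad = build_inserts(SAMPLE_CSV)
    print("\n".join(stmts))
    print("-- rejected rows:", bad)
```

Rows that fail validation are reported by number instead of being written, so a malformed or hostile inventory entry cannot end up as SQL run against the bastion's key database.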

akanksha-singh-robomq commented 10 months ago

@goldman7911 I am getting the following error when I am trying to connect using 'java -cp ~/Bastillion-jetty/jetty/bastillion/WEB-INF/lib/h2-1.4.200.jar org.h2.tools.Shell -driver org.h2.Driver -url 'jdbc:h2:/home/XXXXX/Bastillion-jetty/jetty/bastillion/WEB-INF/classes/keydb/bastillion;CIPHER=AES;' -user bastillion -password "filepwd xxxxx"'

Error: Could not find or load main class org.h2.tools.Shell
Caused by: java.lang.ClassNotFoundException: org.h2.tools.Shell

I am using java version 11.

sxa commented 10 months ago

That's a fairly fundamental failure - if it can't find the class that would suggest to me that the h2-1.4.200.jar file is not accessible in the location you've specified (I'd check that first) or is corrupt and doesn't contain the Shell class.